roles and permissions
Roles and permissions
Understand why pages, modules, and Flora tools appear differently for different users.
Access model
HeyFlora beta uses role and module access to control protected pages and Flora actions. This means two users may see different navigation, buttons, records, and Flora capabilities.
Agent tools
A selected agent can expose a tool only when that tool is in the agent policy and the current user is allowed to invoke it. Tools are grouped by business capability, such as knowledge read, CRM read, property operations, field operations, plant health, scheduled task management, and admin configuration.
A bundle is not a permission grant. It is a selection surface. HeyFlora still checks the current user's access when tools run.
Foundational tools
Every agent includes basic interaction tools such as asking clarifying questions when more detail is needed. Public product-help docs are always readable and stay separate from your private tenant knowledge.
Common checks
If a user cannot see a page or Flora cannot complete a workflow, check:
- The user's role.
- The enabled modules for the workspace.
- The selected agent's tool policy.
- Whether the user is operating in the right customer or property context.
Admin work
Admins can manage users, roles, modules, and agent configuration from protected admin surfaces when their access allows those routes.
