Grado’s User Management framework is divided into two complementary areas:
User Accounts Management – controls who can log in to Grado.
User Access Management – controls what users can see or do once logged in.
Together, they ensure that every user in the system has the right credentials and the right permissions for their role.
Admin Workflow for User and Access Setup
From account creation to permission-based access, this process ensures every user in Grado has the right visibility and control.
A User Account is created (for a student, faculty member, or administrator).
The student and faculty accounts have pre-determined roles and permissions.
The admin account is assigned a Role or specific Permissions.
The assigned role defines Access to modules and functions.
The user logs in and interacts only with features enabled for their access level.
💡 Example:
A Registrar user is created an admin account in Setup > Permissions -> + Admin and is assigned the Registrar role via Setup > Permissions -> Apply Role Template.
This role enables them to manage enrollment, approve student records, and generate academic reports — but not access payment-related modules.
Handled through People Management (for Students and Faculty accounts) and Setup > Permissions (for Admin accounts), the User Accounts area covers:
Creating and updating user profiles
Managing login credentials (passwords or SSO)
Deactivating, blocking, or unlocking accounts
Bulk upload and import of users
Each account represents an individual person with unique credentials and record history.
💡 Tip: Always check for duplicate accounts before creating a new one. Grado enforces unique usernames and email addresses per tenant.
📘 Go to: User Accounts Management (Overview)
Handled through Setup > Permissions and Setup > Roles, the User Access area focuses on:
Creating and editing roles
Assigning permissions and access scopes
Restricting or expanding module visibility
Reviewing or auditing existing access levels
Access determines what actions a user can perform — such as viewing grades, editing records, or approving requests.
📘 Go to: User Access Management (Overview)
| Aspect | User Accounts Management | User Access Management |
|---|---|---|
| Purpose | Manages people and credentials (the “who”) | Manages permissions and privileges (the “what”) |
| Access Path | People > Students / Faculty or Setup > Permissions > Admins | Setup > Permissions > View/Edit Permissions / Apply Role Template |
| Typical Actions | Create, edit, deactivate, reset passwords | Define roles, assign permissions, restrict access |
| Primary Admin | Registrar or HR Administrator | System Administrator or IT |
| Data Effect | Controls login and identity | Controls visibility and actions in modules |
| Task | Handled Under |
|---|---|
| Add a new student, teacher, or admin | User Accounts Management |
| Reset a user’s password or unlock login | User Accounts Management |
| Assign a role to a user | User Access Management |
| Limit access to certain modules (e.g., Finance, Grades) | User Access Management |
| Review permissions before AY rollover | Both (review accounts and access) |
Manage accounts first, then configure access.
Use roles for common staff functions instead of assigning permissions individually.
Review user access at least once per term or after major updates.
Document role or access changes for audit tracking.
Avoid combining unrelated roles (e.g., Cashier and Registrar) unless absolutely necessary.
💡 Tip: Roles and permissions apply only to active user accounts. Deactivated or blocked users cannot access the system, regardless of assigned roles.
User Accounts Management handles who can use Grado.
User Access Management handles what they can do.
Together, they form the foundation of secure and organized system administration in Grado.
Use this overview to decide which area you need to work with, then follow the links below for step-by-step guidance:
