Managing users
Last updated
Last updated
In order to administer users, you need to use an administrator account, and click on a relevant option in the upper right corner of ClauseBuddy.
Users typically correspond to physical persons — like Mia, John, Marie and Peter. You can create as many users as your subscription allows.
Each (physical or functional) user will have a security code ("login") associated with his/her account. You can treat this security code as a combination of a user name and password, so you should properly safeguard this code.
ClauseBuddy also allows you to create functional users, such as "External client", with limited access to only certain search folders and subfolders.
In addition, in the full version, you can create multiple security codes for functional users. For example, you will probably want to create a separate security code for each external client that you grant access to a part of your clause library, in order to create separate legal "subscriptions", with separate pricing, expiry dates, and so on. Even so, all those security codes may point to the same functional user(s), so that you don't have to juggle with separate access rights for every single client.
Groups typically correspond to different departments in a law firm or inhouse legal team — e.g., Corporate Law, M&A, Employment Law, and so on. Each group you create, will also have its own search folder.
However, because groups also facilitate access control, you may also want to create cross-department groups — e.g. the Aviation Group with lawyers from both Corporate Employment sharing knowledge to work together to target a specific sector.
Each group can have its own "access bundle", i.e. a set of access configurations that define who can read and/or edit folder with clauses.
Most aspects of managing users are fairly easy: simply click on a user and change his/her name or email address.
Even so, a few points of attention:
You can designate one or more users as clause curators, i.e. persons to whom everyone can send new clauses, to review/cleanup and insert into the library. Typically, this will be an experienced person.
You can have one or more anonymous accounts. As implied by their name, such accounts do not correspond to one particular person, but are instead intended to be used to allow third parties to use documents/templates without having to login with a username/password/security code. You can create multiple anonymous accounts, because it can be interesting to have slightly different configurations for different types of anonymous logins. For example, one login can be configured to have French as its default setting and be allowed access to corporate governance folders; while another anonymous accounts can be configured to show content in English and be allowed access to employment folders.
By clicking on the Groups button, you can see which groups the user is a member of. If you want to effectively change memberships, you should go to the Groups management section (described below).
By clicking on the Login codes button, you can get an overview of the security code(s) currently assigned to each user. While you can copy and revoke login codes here, you should go to the Logins management section to create new login codes.
In the Rights part, you can assign or revoke rights for each user. For example, you may want to remove certain search options for less experienced users in your team.
You may also want to have a look at Access Bundles, which manage the rights on the level of an individual item (e.g., a clause, a folder, a template, a Clause Hunt locker, etc). A user who wants to edit a certain item (e.g., a clause) will need to have both the right to edit clauses in general, and needs to have access rights to edit that particular clause.
You may also want to check out Profiles for enterprise-level management of rights.
In the Logins section, you can manage the security codes of each user.
To add a security code, simply click on the green + Security code button, and choose the right user. The security code itself cannot be chosen by you, as it will be randomly generated by the system.
Once generate, you can click on the copy button (the two squares) to copy the security button to your computer's clipboard.
When a security code would get compromised — e.g., after a hack or laptop being stolen — you can simply throw away the security code, and generate a new one for the relevant user.
In the Enterprise version of ClauseBuddy, you can add multiple security codes for functional users (e.g., external clients). This version also allows you to assign descriptions and expiry dates to each security code.
Editing groups is as easy as clicking an existing group and modifying its properties. Or clicking the green + New group button to create a new group. Even so, a few points of attention:
When creating a new group, you are asked whether the new group should have its own sub-library. For most groups that you will create, you will indeed want to create such as sub-library, as it comes with its own search folder, and therefore allows you to logically segment your content into different parts. However, some groups are purely created for access control reasons, and may therefore not require their own sub-library.
In the Members tab of the group (not visible until a group is effectively created) you can assign or revoke the membership of every user.
When you check the New user default option, this group will be assigned to a new user that gets manually created by the administrator. (The administrator can however manually disable membership of that group, if he doesn't want the new user to be a member.)
When On-the-fly-default is checked, a new user will automatically be assigned membership of this group when first being authenticated via SSO. Read the section on On-the-fly-default below for more information.
For enterprise-deployments, you probably also want to use profiles. These allow you to create different bundles of rights, assign them to different types of users, and then centrally update them. The main advantage of these profiles is that you can centralise the management of all rights, so that you don't have to manage each user individually.
Profiles are not available in the standard version of ClauseBuddy: you need to have an enterprise license.
You can create as many profiles as you want (potentially with overlapping rights), and then assign one or more profiles to an individual user. All rights of all profiles assigned to each user are then accumulated. A typical setup is for example to have the following in a law firm:
a "base" profile in which a minimum number of rights are activated
a profile for curators, in which you assign a few additional rights
a profile for senior legal experts, with a few other rights
a profile for testers, with all rights enabled.
If a certain lawyer would then be assigned the rights of "base" + senior legal expert + testers, she would get the combination of all rights.
You can easily manage the profiles through self-explanatory buttons in the management settings of ClauseBuddy.
Once one or more profiles are assigned to a particular user, it is no longer possible to configure the individual rights for a particular user. The rights will be greyed out:
It will sometimes happen that you want to assign just a few extra rights to one particular user, perhaps even for just a limited amount of time.
The best practice is to create a special profile in such case and then assign it to that user. In that profile, you enable only these few extra rights that are required, and leave everything blank.
It also remains possible to assign no profile to a particular user, even when all other users within the customer have profiles assigned to them. In such case, you can assign individual rights to that user however you like.
Profiles also allow you to manage which LLMs can(not) be used by certain combinations of users and ClauseBuddy modules. See our separate help-page for more information.
A profile can also be set to be the "new user default". This means that if a new user is manually created by the administrator, the user will automatically be assigned this profile. In a typical setup, you will for example assign the "base user" profile as the default for new users.
If Single Sign On (SSO) is actived on your account, then you will also see the On-the-fly-default option when you select a profile or group.
This setting allows you to specify which profile(s) need to be assigned to a user who for whom no account exists in the ClauseBuddy server, but who is authenticated by your authentication server (e.g., Microsoft Entra / Azure). If at least one profile is set as on-the-fly-default, then ClauseBuddy's server will automatically create a user account for this user and assign the profile(s) tagged as on-the-fly-default to that user account, as well as any group that is set as a default group for the user.
In practice, this allows large organisations to avoid having to individually create users within ClauseBuddy. Assuming that a user can authenticate through the customer's SSO-server, ClauseBuddy's server will automatically create the user account and apply reasonable defaults.