Permissions & Sharing
1. What It Is
SynergyOS uses a unified permission model across all apps — Drive, Email, Notes, Tasks, Chat, and more.
You assign access at the folder level, and those rights apply everywhere.
Folders control:
- Who sees the content (visibility)
- What they can do with it (permissions)
Additionally, you can grant item-level permissions for specific cases. For example, a chat created in a shared folder is only accessible to its participants, even if others can see that the chat exists.
Users can be internal (your organization) or guests (external collaborators), each assigned a role that defines their capabilities.
2. Why It Matters
Most systems have disconnected permission models: files are in shared drives, email is just personal, notes live in a separate CRM, tasks in To Do lists, and therefore everything lives in a separate silo. SynergyOS solves this:
SynergyOS replaces that with a single, consistent model:
- ✅ One system for all content — files, tasks, emails, and more
- ✅ Share folders, not copies — avoid duplication and chaos
- ✅ Live access enforcement — links respect real-time permissions
- ✅ Audit trail ready — every action and permission change is tracked
- ✅ Item-level security — restrict access even inside a shared folder
3. How to Use It
Account Types
There are three types of users in your SynergyOS repository:
| Type | Managed By | Description |
|---|---|---|
| Admin | Your org | Full access to all content and settings via Admin Center |
| Internal User | Your org | Created by admins. No access until added to folders |
| Guest User | Your org | External collaborators (clients, partners) invited into specific folders |
Delegated User & Group Management (Directory)
Admins can grant the User Management capability to trusted internal users so they can handle routine updates in Directory without full admin rights. Delegated users can create, edit, and disable internal Users and Groups. This affects account records only; content access still depends on folder and item permissions.
For Admins: Enable it
- Open Directory.
- Go to Users.
- Select the teammates to delegate and check User Management.
For Delegated Users: Use it
- Open Directory and choose Users or Groups.
- Use New, Edit, or Disable to make changes.
- Review and Save. Updates apply immediately.
Use cases
- Faster onboarding for employees and contractors.
- Keep groups aligned with current teams and projects.
- Immediate access removal during offboarding.
Notes
- Only internal users with User Management see these controls.
- Admins can grant or revoke this capability at any time.
- Delegation does not grant access to content; folder and item permissions continue to apply.
Tip: Delegate User Management to HR or team leads to keep org changes current without bottlenecks.
Roles for Internal and Guest Users
Roles control what a user can do once they have access to a folder. Each organization can restrict which roles are available.
| Role | View | Edit | Share | Bulk Download | Notes |
|---|---|---|---|---|---|
| Admin | ✅ | ✅ | ✅ | ✅ | Full control |
| Editor | ✅ | ✅ | ✅ | ✅ | Standard collaboration |
| Restricted Editor | ✅ | ✅ | ❌ | ❌ | Can’t invite, no bulk actions |
| Viewer | ✅ | ❌ | ❌ | Some | Read-only, can print/attach |
| Previewer | ✅ (web only) | ❌ | ❌ | ❌ | Online view only |
Folder Permissions
Permissions are assigned at the folder level and inherited by all content inside.
- Inheritance: Items and subfolders inherit access from their parent folder
- Cascade: Permissions apply to all current and future subfolders
- Non-Cascade: You can also share access to a folder without cascading to subfolders
Example: Give a lawyer access to
/Clients/Acme/Contractswithout letting them see/Clients/Acme/Emails.
Item-Level Permissions
Some items, like Chats, Files, or Tasks, support item-specific sharing:
- Folder-level permissions define who sees the item exists
- But the item itself can restrict who can open or interact with it
Example: A Chat created in
/Clients/Acmeis visible to folder members, but only participants can read or write inside it.
Item-level permissions do not override folder visibility, only access to the item's contents.
Path Links
You can generate links to any item — but links don’t grant access. They only work for people who already have permission.
| Type | Behavior |
|---|---|
| Path | Opens file or folder in SynergyOS |
| Hyperlink | Same as Path, but with a friendly display name |
| Item ID | Internal reference (can be used in search or support) |
Microsoft Office Co-authoring
You can co-edit Word, Excel, and PowerPoint documents in real time — if your org has a Microsoft 365 license.
- Works with Office Online and desktop Office apps
- Supports internal users and guests
- Changes are saved automatically as a new version in SynergyOS
To use it:
- Select a document
- Choose Open with Office Online or right-click and use the Office options
This will also be explained under Version Control & Co-Authoring.
4. FAQ
Q: Can I set different permissions in each app (e.g. files vs. email)?
A: No. Permissions apply to folders and are consistent across all apps.
Q: If I share a path link, does it give access?
A: No. The link opens the file only if the recipient already has permission.
Q: What's the difference between internal and guest users?
A: Internal users are managed by your admins. Guests are invited collaborators with limited access.
Q: Can guests co-author documents?
A: Yes — as long as they’re given access and your organization has an M365 license.
Q: Can I restrict access to a single file inside a shared folder?
A: Yes. Items like Chats or sensitive Files can have their own participant list, even inside a shared folder.