Recommended roles and permissions for user accounts

Set up user accounts to ensure the safety of data while working with multiple users on the same platform

To ensure the safety of data and allow for accountability while working with multiple users on the same platform, we recommend that you:

  • Personalize each account to only one user, using a professional or company provided email address
  • Set a user role that precisely corresponds to the tasks that need to be performed
  • Instruct your users never to share their password with anyone else
  • Activate multi-factor authentication for each account in your system

Create accountability, multi-factor authentication, and user permissions


When working with multiple users on the same platform, personalized user accounts provide accountability, so that changes made to data are traceable to a specific person. When accounts are shared by multiple persons, there’s no way to track who is accessing the system and when, nor can it be traced which person actually performed a change. Shared accounts make a system vulnerable to unauthorized access.

Multi-factor authentication (MFA)

When this feature is activated, users who log in with their email and password on the device for the first time will be required to verify their identity through an additional authentication method. On the platform, this is done with a verification code that’s automatically sent to the user’s phone via text message. Only when both steps of the authentication have been successful, the user will be given access to the platform. This process protects your data from being accessed by an unauthorized third party that may have been able to discover, for example, a single password.

User permissions

A user's editing capabilities are managed through the user role. If left unassigned, the user account can edit main entities in the sections archive, agent, publications, auctions and exhibitions but cannot edit any artwork or art event data. The user roles reader, researcher, editor and admin define which editorial state a user is permitted to edit.

Which user role should you choose?

The available roles are reader, researcher, editor, and admin.

  • A reader has access to all information but can’t make changes to it.
  • A researcher can edit and delete information with the statuses draft and ready.
  • An editor can edit and delete anything in the statuses draft, ready, and checked.
  • An admin has the same permissions as the editor and has the ability to publish artwork entries. Admins do not need an artist assignment to change artwork or art event data.

Project admins are responsible for deciding who gets access to the platform and which user permissions are granted. 

It is also possible to limit a users editing rights by artist project via artist assignment. 

Read more about this in: How to assign user roles and permissions

How do I set up a new user account?

To have a new user account set up, share the following information with our support team:

  • Email address:
  • First name:
  • Last name:
  • User role:
  • Phone number: +[country code]
  • Artist assignment (if applicable): 


Last updated: Feb 9, 2023