Security groups

Where to find it

Administration → Security Group

Who can use it

Administrators with security-group access

Direct URL

https://app.nextal.com/conf/admin/roles

🔒Requires permission:Security Group Management

See the Permissions reference for every permission and what it controls.

A security group is a named set of permissions. Each user is assigned one security group (see Users), and that group decides exactly what they can see and do across the ATS, HRIS and Administration areas. Nextal ships with built-in default groups, and you can create your own.

Screenshot pendingThe Security Group page: a stack of expandable group cards, each with edit and delete actions, and an 'Add User Security Group' button. An expanded card shows permission toggles grouped by area.

Each group is an expandable card. Expand one to grant or revoke its permissions.

The list of groups

Each group appears as a card you can expand to view and change its permissions. The built-in default groups sit alongside any custom groups you create. Use Add User Security Group to create a new one.

Adding a security group

Click Add User Security Group to open the side panel:

• Active / Inactive — a toggle for whether the group is in use.
• Language — if your account supports more than one language, pick a language and name the group in each one; the group’s name then shows in each user’s language.
• Name — what the group is called.

Click Add. A new group starts with no permissions — you grant them next, from the group’s card.

Granting permissions

Expand a group’s card to see its permissions, organized by area:

• ATS — candidate, job, client, contact, application, template and note management.
• HRIS — the HR-information permissions.
• Admin — access to the administration and configuration areas.

Within each area, permissions are grouped (for example Candidate Management), and each one is an individual toggle with a plain-English description. Under Candidate Management, for instance:

• Candidate List — let the user list candidates (this also turns on the Candidates menu)
• Candidate Create — create new candidate profiles
• Candidate Read — view candidate details
• Candidate Edit — update candidate information
• Candidate Delete — delete candidate profiles

Toggle a permission on or off to grant or revoke it. Changes save immediately and apply to everyone in the group.

Editing and deleting

• Edit a group (from its card) to rename it or change whether it’s active.
• Delete a group from its card — but only your custom groups can be deleted. The built-in default groups can’t be removed.

Tips

• A user belongs to exactly one group. To change someone’s access, either move them to a different group on the Users page or adjust their current group’s permissions.
• Start from a built-in group, or a minimal custom one, and grant only the permissions each role actually needs.
• Name groups by role (“Senior recruiter”) rather than by an internal function.