> For the complete documentation index, see [llms.txt](https://docs.devolutions.net/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.devolutions.net/rdm/user-group-based-access-control/permissions.md).

# Permissions

{% tabs %}
{% tab title="Windows" %}
The ***Permissions*** window, which is only available in an SQL or Devolutions Server [advanced workspace](https://docs.devolutions.net/rdm/workspaces/workspace-types/native-workspaces/), can be found in a few places:

* ***In an entry:*** Open the properties of the entry, and go to ***Security - Permissions***.
* ***In the root folder of a vault:***
  1. In the root folder properties, go to ***Security - Inherited permissions***.
  2. Go to ***Administration - Vault settings - Security - Inherited permissions.***

The user group based permission system can give a very accurate control of the security. Here is an overview of the permission window:

![](https://cdnweb.devolutions.net/docs/RDMW6016_2025_1.png)

<table data-header-hidden><thead><tr><th width="157.7999267578125"></th><th></th></tr></thead><tbody><tr><td><strong>OPTION</strong></td><td><strong>DESCRIPTION</strong></td></tr><tr><td><strong>Permission</strong></td><td><p>Sets the permission mode. Select between:</p><ul><li><em><strong>Inherited</strong></em>: Inherits the permissions from the parent groups.</li><li><em><strong>Custom+Inherited</strong></em>: This combination allows for flexibility by maintaining the inherited permissions while adding specific permissions tailored to individual users or groups for the current entry.</li><li><em><strong>Custom</strong></em>: Lets you specify a custom value for each of the permission.</li><li><em><strong>Allowed</strong></em>: Grants all the permissions below to everyone.</li><li><em><strong>Disallowed</strong></em>: Grants the permission to no one but the administrators.</li></ul></td></tr><tr><td><strong>Grant access</strong></td><td>Allows <a href="https://docs.devolutions.net/rdm/commands/administration/system-settings/vault-management/default-permissions/batch-grant-access/">batch grant access</a> to a specific entry or entries.</td></tr><tr><td><strong>Select user groups or users</strong></td><td>Lets you select users / user groups to be granted the permission. Available only if the permission is set to <strong>Custom</strong>.</td></tr></tbody></table>

#### See also

* [Devolutions Academy - Managing Entry Permissions](https://academy.devolutions.net/student/path/1925039/activity/2667180)
  {% endtab %}

{% tab title="macOS" %}
The ***Permissions*** window, which is only available in an SQL or Devolutions Server [advanced workspace](https://docs.devolutions.net/rdm/workspaces/workspace-types/native-workspaces/), can be found in a few places:

* ***In an entry:*** Open the properties of the entry, and go to ***Security - Permissions***.
* ***In the root folder of a vault:***
  1. In the root folder properties, go to ***Security - Inherited permissions***.
  2. Go to ***Administration - Vault settings - Security - Inherited permissions.***

The user group based permission system can give a very accurate control of the security. Here is an overview of the permission window:

![](https://cdnweb.devolutions.net/docs/RDMM4090_2025_1.png)

<table data-header-hidden><thead><tr><th width="154.5999755859375"></th><th></th></tr></thead><tbody><tr><td><strong>OPTION</strong></td><td><strong>DESCRIPTION</strong></td></tr><tr><td><strong>Permission</strong></td><td><p>Sets the permission mode. Select between:</p><ul><li><em><strong>Inherited</strong></em>: Inherits the permissions from the parent groups.</li><li><em><strong>Custom+Inherited</strong></em>: This combination allows for flexibility by maintaining the inherited permissions while adding specific permissions tailored to individual users or groups for the current entry.</li><li><em><strong>Custom</strong></em>: Lets you specify a custom value for each of the permission.</li><li><em><strong>Allowed</strong></em>: Grants all the permissions below to everyone.</li><li><em><strong>Disallowed</strong></em>: Grants the permission to no one but the administrators.</li></ul></td></tr><tr><td><strong>Grant access</strong></td><td>Allows <a href="https://docs.devolutions.net/rdm/commands/administration/system-settings/vault-management/default-permissions/batch-grant-access/">batch grant access</a> to a specific entry or entries.</td></tr><tr><td><strong>Select user groups or users</strong></td><td>Lets you select users / user groups to be granted the permission. Available only if the permission is set to <strong>Custom</strong>.</td></tr></tbody></table>

#### See also

* [Devolutions Academy - Managing Entry Permissions](https://academy.devolutions.net/student/path/1925039/activity/2667180)
  {% endtab %}
  {% endtabs %}


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.devolutions.net/rdm/user-group-based-access-control/permissions.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.