Security and governance

Access Control

Decide who can see, edit, approve, or even discover data, pages, and actions across the platform.

Role-based permissions

Field-level visibility

Approval workflows

What it is

Access Control gives organizations a practical way to decide who can do what inside Minerva. It covers not only whether someone can open a collection or update a record, but also whether they can see certain fields, pages, and apps at all.

That broader approach is important because real business access is rarely all-or-nothing. A team might be allowed to view invoices but not edit them, or see customer details but not margins, or start a request but require someone else to approve it.

How the platform protects information

Permissions can be assigned by team so access reflects how the business is organized. Beyond that, the platform can narrow visibility at a more detailed level, such as hiding sensitive fields, limiting which records are visible, and removing apps or pages that are not relevant to that user.

This means users are not just told not to click certain areas. They simply receive a version of the system that matches their responsibilities, which leads to a cleaner experience and a lower risk of exposure.

  • Grant access by team and business role
  • Hide sensitive fields rather than showing partially masked screens
  • Limit visibility to relevant records and pages
  • Keep navigation aligned with each user’s real responsibilities

Approvals for higher-risk actions

Some actions should not happen instantly, even when a user starts them correctly. Access Control supports approval flows so sensitive updates can be reviewed before they are committed.

That makes the platform useful not just for security, but for governance. Teams can allow business users to initiate work while still enforcing control over large spends, policy-sensitive updates, or other exceptions that deserve a second set of eyes.

Where it adds business value

Good access design helps an organization move faster because people know the system is trustworthy. Leaders can delegate operational tasks without worrying that every shortcut will create a governance problem later.

It also improves the day-to-day user experience. When people only see the data, pages, and actions that matter to them, the product feels simpler, faster, and easier to adopt across teams.

Want the full picture?

This overview is written for business users. If you want the implementation details, configuration depth, or platform behavior behind it, the product docs go further.

Read documentation See all features