Confidentiality and user access to references
Hublyd uses a multi-level permission system to control who can view, create, edit, validate, or delete references. Permissions are defined at two levels: group level and library (reference group) level. Understanding this distinction is essential to correctly manage confidentiality and collaboration.
Written By Hublyd
Permission levels overview
Level 1 & 2: Roles at group level
These roles define global access within a Hublyd group.
Important
The Owner has all rights everywhere
Group Admins inherit admin rights on libraries by default
Level 3: Roles at library (reference group) level
Each reference library has its own roles, independent from other libraries.
By default:
Group Owners and Group Admins are Library Admins
Other users must be explicitly invited to a library
What each role can do
Library Admin
Library Admins have full control over the reference library.
They can:
View all references, including confidential ones
Create, edit, duplicate, and delete any reference
Mark references as confidential
Import references (CSV / Excel)
Validate references submitted via public links
Manage library members and their roles
Create and modify columns (schema)
Access statistics and analytics
Editor
Editors are active contributors to the library.
They can:
View all non-confidential references
View confidential references (if permitted by library access)
Create new references
Edit references they created
Duplicate references
Upload files and images
Generate AI content for references
Submit references via public workflows
Restrictions:
❌ Cannot delete references created by others
❌ Cannot manage users or library settings
Viewer
Viewers have read-focused access.
They can:
View references
Use table and map views
Search and filter references
Generate presentations from references
Limitations:
❌ Cannot create references
❌ Cannot edit references created by others
❌ Cannot import, delete, or duplicate references
❌ Cannot access admin features
Special case:
A Viewer can edit only the references they personally submitted (for example via a public link), if allowed by the workflow.
Security level of the references
References can be marked as confidential.
You can also define the security level of the reference.
Use Confidential for strictly internal references. Confidential references are not shared or used outside Hublyd.
Use Restricted for references that can be used in head-to-head contexts only, such as presentations or meetings. Restricted references should not be used for public communication, including social media or public marketing content.
Use Public for references that can be used and promoted freely. Public references may be used for presentations, meetings, marketing, sales, and other external uses as needed.
Public links and validation
When references are collected via public submission links:
The external user fills in a secure form
The reference is created with Pending status
The reference does not appear in the library yet
A Library Admin or authorized Editor reviews and validates it
Once validated, the reference becomes part of the library
This ensures:
Data quality
Confidentiality
Full control over what enters your reference database
Invitations and access management
Only Library Admins can:
Invite users to a reference library
Assign or change library roles (admin / editor / viewer)
Remove users from a library
Important rules:
A Library Admin cannot remove another Library Admin
Only a Group Admin or Owner can remove a Library Admin who is also a Group Admin
Why this matters
This permission model allows you to:
Safely collaborate across teams
Collect data from external users without risk
Protect sensitive references
Scale your reference libraries with confidence