Permissions and access
How Omnifleet decides what you can open, and what to do when access is denied.
How access works
- Your role carries permission codes for the organization (and, where applicable, the group) you have selected in the header.
- The app loads permissions for the current organization and active group context. If you change organization or group, effective permissions can change.
- Some menu entries only appear when your permissions allow that route. If something you expect is missing, your role or current group context may not include it.
Roles & Permission (settings)
Users who are allowed to manage roles can open Setting → Roles & Permission. That area lists roles, supports search, and offers filters (for example scope and status) plus actions your role permits—such as creating or editing a role.
If you cannot open Roles & Permission, ask your organization administrator to adjust your role or to make changes on your behalf.
Access denied in the main panel
When a page is blocked, you may see a panel titled Access denied with the name of the area and a short reason. Typical cases:
- Switch to a valid organization/group before opening this page — Select the correct organization and group in the header switcher (see Groups).
- Switch to a valid organization before opening this page — Pick an organization you belong to.
- Your role does not include the required permission code for this route — You are in the right context but the feature is not enabled for your role. Contact your organization administrator.
Redirects instead of a page
Some screens redirect you (for example back to the dashboard or alerts list) if a direct link is opened without the right permission. If that happens repeatedly, confirm organization/group selection and ask an administrator to review your role.
What to tell your administrator
Include:
- Which screen or menu item you need (for example Fuel Consumption, Group Management, or Assign Alert).
- The organization and group you were using.
- Whether you saw Access denied or were redirected.
Dashboard route guard matrix
The console resolves each URL against route-permissions (see app config ROUTE_PERMISSIONS). Below is the tenant-facing summary; paths inherit downward (for example anything under /dashboard/setting/general-settings/... falls under General Settings).
| Area | Path prefix | Permission codes (any) | Scope |
|---|---|---|---|
| Dashboard home | /dashboard | view_organization, view_user | Organization |
| Live Tracker | /dashboard/live-tracker | view_vehicle, list_vehicle | Group |
| Alerts | /dashboard/alerts | view_alert | Group |
| Fuel Consumption | /dashboard/alerts/fuel-calculator | view_fuel_consumption | Group |
| Fuel Event | /dashboard/fuel-monitoring/fuel-event | view_fuel_detection | Group |
| Vehicles | /dashboard/fleet-management/vehicles | view_vehicle, list_vehicle | Group |
| Devices | /dashboard/fleet-management/devices | view_device, list_device | Group |
| Maintenance | /dashboard/maintenance | view_alert, manage_alert | Group |
| Work Order | /dashboard/work-order | view_vehicle, list_vehicle | Group |
| Drivers | /dashboard/actors/drivers | view_user, list_user | Group |
| Vendors | /dashboard/actors/vendors | view_vendor, list_vendor | Organization |
| User Management | /dashboard/setting/user-management | view_user, list_user | Organization |
| Roles & Permission | /dashboard/setting/roles-permission | view_role, list_role | Organization |
| Group Management | /dashboard/setting/group-management | view_group, list_group | Organization |
| General Settings | /dashboard/setting/general-settings | view_organization_configuration, view_configuration | Organization |
| Profile & security | /dashboard/settings | (none — authenticated session only) | None |
| Configurations | /dashboard/configurations | view_organization_configuration, view_configuration, view_notification_preference | Organization |
| Reports | /dashboard/reports | distance_report, speed_vs_distance_report, travel_summary_report | Organization |
| Audit Logs | /dashboard/audit-logs | view_audit_log | Organization |
DashboardRouteGuard checks organization vs group context (accessLevel) before evaluating codes. Individual components may also wrap sensitive controls with CanI for finer rules.
Related
- Groups — switching organization and group.
- How to Use Forms — validation and general form troubleshooting.