top of page

Blackbaud CRM™ Feature Permissions: Moving Beyond a Hunt and Peck Strategy

Let’s face it, permissioning features in Blackbaud CRM™ can sometimes feel a bit like finding a needle in a haystack.

This post will share an approach for moving beyond a hunt and peck strategy as well as how to address one of the more common security questions we get, which is, how to permission smart queries.

Blackbaud CRM™ takes a layered approach to Security. Baseline security roles are created to group similar system functions and tasks (such as Constituent View rights, Batch Entry, Prospect Plan Management, etc). Each application user is assigned the applicable suite of security roles according to their job function. In this way, new features need only be permissioned to the best-fit role, which then propagates to all assigned users (as opposed to repeatedly assigning permission to the hundreds of users who may need it). System Administrators have access to all features and are responsible for the setup and creation of roles and users.

When administrators find themselves needing to add permissions for a particular task, the first approach is often to go to the Security Roles they wish to add to, Feature Permissions tab, and then search in the folders for something, anything that seems to fit the bill based on the name alone.

While this does work, there are many reasons why this method can be overwhelming! To name a few, the desired feature permission may not be found in the folder you’d expect, or, the names may be so cryptic that you’re not sure what you’re permissioning by selecting a given feature.

For these reasons, we recommend you navigate to the area you would like to permission from the front-end UI, and while in Design Mode, right-click the feature to expose the “Assign Permissions” button. For example, if someone needs access to a Constituent Merge process you can quickly and easily assign the main task. In most cases, however, this will only get you half-way there as you’ve just permissioned the “button” alone and not the underlying powers (or features) behind it. To ensure all features are permissioned, while still in design mode, we recommend going to the datalist that houses the functionality.

Here you will find a reference to the security folder where the features behind this page are stored:

Starting there (rather than randomly perusing a list) will put you in a much better position to quickly find the appropriate feature permissions. Now you can easily navigate to he assign features permission and find what you're looking for:

Another, specific security question that we often get is how to permission smart queries. Here again, the answer is feature permissions. They can be tucked away in one of a few different places:

  1. In the Queries > User Defined Smart Queries folder

2) Or, in a subfolder (or the main list) within the folder of the main Record Type that query returns. For example, if it’s a Revenue Smart Query, check within the Revenue folder:

3) And if the query is sourced from the BBDW, be sure to check beneath the BBDW Query folder as well.

Once you identify where the smart query resides, simply grant the permission and click save.

What Security Questions have you run into lately? Whatever it may be, you’re probably not the only one who’s been there. Let us know how we can assist!

bottom of page