It would be very helpful to have more details about what each task under a role actually allows.

Hi all!
I see multiple requests in the comments that are different from but related to the request named in the title and description. Keep in mind that Idea statuses are managed based on title and description. It is still deeply valuable to hear additional context in the comments, but I want you to be prepared for this Idea to close when we deliver the request made by the original post.

This request covers 1) access inherent to roles when cloning and 2) a description for each task.

#2 is already done! Go to Core>Security>Roles>Tasks for a list of all system tasks and their descriptions, or you can drill into a task inside a Role to expand its details.

#1 is far more complex. Just like teams spent a year investigating each of >2k tasks to write a description for each, development teams are spending 2025 researching the inherent access that exists in some - but not all - roles. Platform Manager is one of the worst offenders, but there are other roles that have access baked into the base, too. Once research is complete, we'll know how to either update the interface to document it or (better) clean the access so all of it is managed by tasks inside the role.

The process is slow since there are competing priorities and impactful functions being delivered all year across the offices. However, this is officially in progress!

I'm reviving this Idea...

I LOVE the way Roles & Tasks are now viewable, searchable and manageable in Core. And although a good reference document would be wonderful (so please don't stop working on that!), a little step in the right direction would be the ability to EXPORT the Roles and Tasks lists.

Can we make this happen???

I am excited for this. I learned from bbcon...do not clone the platform manager role hahah. I need to clean up our roles.

I would love to be an early adopter for the Tasks/Roles EAP. What does involvement entail though? I am starting a huge infrastructure project and have to be wary of time away from it

@jessica walters I would love to be part of the Roles EAP. Thank you!

jmreardon@savcds.org

Hi all! This year we will release task descriptions for all tasks within a role, and when looking at any task, you'll be able to see in which other roles that same task can be enabled. Developers are currently researching how we can provide more information about the inherent access contained in a role, which is not listed by any of the tasks. I'm leaving the cloned role reference idea "Under Consideration" since we don't know yet what that work will look like or what the timeline will be. I agree that it is an important problem to address.

We are entering a Roles & Tasks early adopter program (EAP) this week - May 24, 2023! Please email me if you are interested to learn more and/or would like to join the EAP for 1) early access to the new role management experience and 2) an opportunity to directly influence the path of development in this area: jessica dot walters at blackbaud dot com. (Note: joining this EAP does not obligate you to participate in others - they are managed individually and separately from each other.)

We're in the midst of implementation and security and student privacy is really important to us. I want to make sure we get off to a good start with roles and tasks but it's so hard to figure out which roles to clone and where certain tasks belong - especially for someone who is new to core already. Hoping this gets resolved soon as it looks like it's been under consideration for a long time!

I totally agree - this is a huge security concern for us, and baffling why it's not an obvious need for documentation. The permissions structure is seemingly unknowable - and with no way to list out roles and tasks unless you copy and paste. I'm trying to clean up former setups where since it is almost impossible to understand, folks are given way more permissions than they need. This should be a huge priority.

When I contacted support about a specific task/functionality, they were quickly able to tell me which tasks needed to be checked for it to work. I just want access to a "roadmap" of sorts so I can figure it out without the trial and error method.

For a company that has had already been compromised once and is now claiming that they are security conscious, this is something that should be be being worked on not "under consideration!" A permissions system that is so complicated that people cannot use it properly is definitely not secure!

It baffles me that something like this doesn't exist already. I know you can clone and create new roles, but it's kind of convoluted. It's very hard to pinpoint the exact tasks you need.

Still waiting on this.... we're currently trying to find ways to give department chairs access to the new "Report card grades list" and "Gradebook grades list". These are mush easier to use than Advanced Lists and we wan't more people to have the ability to VIEW data without the ability to EDIT the data.

I second this as well.   It is very frustrating when support (and I dont fault them!) tells you to play around with the tasks to see what works.  I don't have the time to play around - having to click/unclick every task box is such old technology - it is disheartening to see that Blackbaud has not moved with the times and have a better interface for this.  

- Certain roles need to not be attached to other roles. The person who is responsible for sending transcripts should never have the ability to change grades. Unfortunately, there is no way to separate these two roles

- When trying to figure out what has changed when adding/removing tasks from a cloned role it is very frustrating that sometimes these changes don't seem to take for hours. 

- Would like to see a list of, if you want access to Academics: Scheduling -> Requests and Schedules: [Course request setup] tab, you need xyz tasks under cloned x role.

This would be VERY Helpful!

As we are implementing Blackbaud this summer, our biggest challenge has been giving user access to the functions and reporting abilities they need without giving them access to making too many changes. It seems as though you are either nothing or you are a manager who can change everything. When we try to clone roles and strip most of the true management functions out, we are guessing as to which tasks do what we want and which do not. It's been very hit or miss.

This would be very helpful especially for people who have overlapping roles.

How is this still not a thing after 2+ years‽  You would think that this would be something that would be put out there from the beginning.  It makes it really difficult for new implementations to get set up when there isn't proper documentation about what everything does.