Skip to main content Skip to secondary navigation

Page-level Access by Role on Intranets

Main content start

If you have pages on your intranet that should only be accessible by a subset of people, Stanford Sites Intranet supports protecting pages to groups of users by role. You may use the built-in roles on your intranet for controlling access (Faculty, Staff, Student) or you may request custom roles to meet your needs.

The following guide outlines how to request new roles, how to grant those roles to users on your site, how to set access for individual pages, and other security considerations.

Requesting custom roles

To request a new role or roles:

  1. Come up with meaningful names for each of your roles. Some common examples include "Managers," "Leadership," etc. Whatever you pick should be well-understood by anyone with site editing access or responsible for technical support.
  2. Send your request to SWS via ServiceNow.

Granting user roles

Once you have a custom role defined on your site, you can grant that role using the same methods used for granting editing access, which is documented elsewhere in this guide.

Please note two important points that could impact the security of your protected pages:

  • User roles are not removed if the user is removed from the workgroup. You will need to remove the role manually.
  • The workgroup admins will also be granted the role (if they have access to your intranet.)

Protecting an individual page

Once you have set up custom roles on your site, you can use them to protect the page to a smaller group. To do this, go to the Publishing information tab and select what role(s) should have access. In this example, the page would only be accessible to users with the SWS Managers role.

Make sure to Save.


Granting a role will not grant a user access to the intranet. 

Pages that are protected will only appear in on-site search or the menu for the users who have access to these pages. On-site search will

The original page creator will continue to have access to the page they created, even if they do not have one of the roles specified for access. To change this, you can navigate to the Authoring information tab and change the Authored by information to Anonymous.