What are library roles?

AODocs has library roles and domain roles.

At the library level there are:

  • Pre-defined library roles, based on permissions
    For example, all library administrators have the permission to access the library administration and change settings. Other permissions can be assigned to particular roles, for example, the permission to create documents in a library or to perform certain workflow actions. 
  • Custom library roles for your specific business needs
    A custom role can represent an operational entity or a job title, such as Invoice Manager or Financial Department. You can assign individual users or Google groups to one or more roles.

Note: You can't currently add Microsoft groups in roles. Learn more about Google groups in AODocs and Microsoft groups in AODocs.

  • Pre-defined document roles (or properties)

This article describes all the library roles:

Automatically generated table of contents

Pre-defined library roles

There are two types of pre-defined library role in AODocs:

Main library roles: administrators, contributors and readers

These roles have a set of inherent permissions and can be used to define:

  • workflow participants, permissions and notifications
  • document class permissions
  • view permissions

Using a role to define who can perform a manual workflow action

The table below shows which library types have each type of main library role.


Team Folders

Secured Folders

Document Management libraries







Below is a brief outline of each main library role:

  • Administrators are granted write, read, share, and delete permissions to all documents in the library of which they are administrators. Administrators can also configure library administration settings.

    Tip: Administrators also receive and manage the sharing requests forwarded by the AODocs storage account. Administrators can use the API to delegate the management of sharing requests to a specific role.
  • Contributors can be given the permission to create, edit, delete and share documents in the library. Being a member of the contributor role at the library level doesn't grant write permission on all documents, but rather makes it possible to be given this permission.
    Note: You can't grant a user edit permission on a document if the user is a reader in the library — the user must be a contributor.
  • Readers can be given the permission to read documents in the library. Being a member of the reader role at the library level doesn't grant read permission on all documents, but rather makes it possible to be given this permission.
    – All contributors are automatically readers.
    – You can't grant a user read permission on a document if the user isn't defined in the library.

Library administrators can assign main library roles to users or groups on the roles page of the library administration and in the library security settings.

Advanced permissions roles

These roles give users in a library some advanced permissions. They can be assigned to:

  • contributors and readers in Secured Folder and Document Management libraries
  • Google editors and viewers in Team Folders

All libraries have the following pre-defined advanced permissions roles:

Note: Category value managers cannot set categories as dynamic.

  • Document managers can force workflow actions and view all properties, including hidden and read-only properties. In addition, if document managers are contributors, they can edit hidden and read-only properties.

Note: These actions are available only in documents in which the Document manager already has view or edit access. Being a Document manager does not grant any other document level permissions.

Library administrators can assign advanced permissions roles to users or Google groups on the roles page of the library administration.

– If you assign an advanced permissions role to a user who isn't defined in the library, they won't have access to the library. 
– You can assign any number of advanced permissions roles to a given user.

Custom roles (optional)

In addition to pre-defined roles, administrators can configure custom roles in the Roles section of the library administration interface.
Custom roles are specific to each library and are not shared between libraries.

Learn more: Create and configure custom roles

Tip: As best practice, if you are using Google Groups you are recommended to associate each AODocs custom role with a single dedicated Google Group to avoid unnecessary access control list (ACL) synchronization in your Google Drive each time you add or remove users from the role.

Pre-defined document roles

A pre-defined document role is a document property that contains only one person and can't be updated manually.

Each document has three pre-defined roles:

  • Document creator: the user who created the document
  • Last update author: the user who performed the last update on a document. This role is dynamic.
  • Version creator: the user who created the last version of the document. This role is dynamic.
    Note: Users can create versions manually or by workflow actions. Users can create a new versions directly or through a check-in.
Was this article helpful? 10 out of 12 found this helpful
If you didn’t find what you were looking for, don’t hesitate to leave a comment!
Have more questions? Submit a request


  • What about commenters? Is this role available like in Drive?

    Comment actions Permalink
  • Yes, you can assign a role the possibility to "Comment". It depends on the type of library and where you want to provide the permission (at the workflow state level,..).

    Comment actions Permalink

Please sign in to leave a comment.