Basic
Free
Business
Standard
Pro
Premium
Enterprise
Standard
Pro
Premium
To upgrade your Feishu Plan or for more information, contact Support or your Customer Success Manager.
I. Intro
Who can perform these steps: Primary administrators or administrators with "Permission Auditing" permission.
As an administrator, you can view the permissions that members have in real time, create permission query tasks, trace back the change records of member permissions and permission rules, and so on.
Common scenarios: When the organization's hierarchy changes or a member leaves, the administrator can check the member's permissions and block access to important permissions promptly.
II. Steps
Query real-time permission
You can view the roles and permissions that members have in real time.
- Open the Feishu Admin Console and click Compliance > Permission Auditing > Real-time permissions.
- 250px|700px|reset
- Select the following conditions as needed:
- Service (required): Choose Feishu Admin Console.
- Search by (required): Choose Roles.
- Subject type (required): Choose Members.
- Subject (optional): Enter a member's name or phone number to select a specific member.
- Role name (optional): Select the administrator role that you want to check.
- Permissions (optional): Browse and select one type of permissions.
- Click Search to view the query results. Click Details beside a member's name to view more information about their permissions.
- 250px|700px|reset
- (Optional) Click Reset to clear all query conditions and re-query.
- (Optional) To download the results as an .xlsx file, click Export Data > Export.
- 250px|700px|reset
Create a query permission task
In case of a large amount of data, you can create tasks to query members' permissions of documents, shared folders, Wiki spaces and pages, apps, and Minutes.
- In the Feishu Admin Console, click Compliance > Permission Auditing > Create permission search tasks.
- Click Create Search Task and fill in the task name and choose what you would like to query about.
- 250px|700px|reset
- Select the query scope and click Create.
For more information about setting up query permission tasks, see Admin | Create permission search tasks.
View member permissions change log
You can look up changes within the past 180 days in members' Feishu Admin Console permissions.
- In the Feishu Admin Console, click Compliance > Permission Auditing > Member permissions change log.
- Select the query conditions.
- Service (required): Select Feishu Admin Console.
- Target member (optional): Enter the name or mobile number of a member whose permissions were changed.
- Operator (optional): This is the person who made the permission change. Enter a name or mobile number.
- Time (required): Select a time range during which the permission was changed. The default is the past week.
- Click Search to see the list of changes.
- 250px|700px|reset
- (Optional) Click Reset to clear all query conditions and re-query.
- To download the results as an .xlsx file, click Export Data > Export.
- 250px|700px|reset
View permission rules change log
This is a log of changes to administrators' roles, including them being added or removed from a role, as well as changes to a role's permissions. You can query for records within the past 180 days.
- In the Feishu Admin Console, click Compliance > Permission Auditing > Permission rules change log.
- Select the query conditions.
- Service (required): Select Feishu Admin Console.
- Operator (optional): Who made the change.
- Event type (optional): Select Add role, Edit role, or Delete role.
- Time (optional): When the change was made. The default is the past week.
- Click Search to see the list of changes.
- 250px|700px|reset
- (Optional) Click Reset to clear all query conditions and re-query.
- (Optional) To download the results as an .xlsx file, click Export details.
- 250px|700px|reset
Review reminders for member status change and change their permissions
When there's a change to the organization's structure or when a member's status changes, a record will be automatically generated. This will show what permissions the member had, so you can quickly modify their permissions as needed. You can query for records within the past 180 days.
When the status of a member with administrator roles changes, the permission changes for that member will be categorized as Pending, Processed, or Ignored based on whether their permissions need to be changed.
- In the Feishu Admin Console, click Compliance > Permission Auditing > Permission reminders for member status change.
- In the Pending list, members who need to handle permissions after changes will be displayed.
- Enter the member's name or phone number and select the type of change (Deleted or Organizational structure change).
- 250px|700px|reset
- Click View Details to look into the change, where you can:
- Click Batch revoke permissions to revoke the selected permissions.
- Click Ignore to keep the member's permission. The record will be moved to the Ignored list, where you can still get the chance to modify the member's permissions.
- 250px|700px|reset
Note:
- You can only revoke Feishu Admin Console permissions.
- Once you revoke a permission, the corresponding role or permission of the member will be deleted and cannot be restored. You can reassign the same permission to members if you wrongly revoke a permission. For more information, see Admin | Add administrators and create administrator roles.
You can find the permission revocation status for the member undergoing the status change by clicking Processed > Details.
250px|700px|reset
III. FAQs