The authorization tree is similar in structure to PANTHEON's main menu. It is used to restrict access to individual functions or function groups, either program-wide, for user groups or for individual users.

Authorizations are cascaded down in the authorization tree. For example, if you grant read access to the Settings node, all nodes below it (Subjects, Assets, etc.) will inherit it. Of course, the authorization level of those lower-level nodes can be changed.

Available authorization levels: none (lowest, no access) read write delete (highest, full access)

The following parameters can be set for each node in the authorizations tree:

	From the Access dropdown menu, select the authorization level. You can also select it using the context menu (right click). The following authorization levels are available:
	None - no access; such features are hidden.
	Read - read-only; such features can be only viewed.
	Write - data can be viewed, entered and changed.
	Delete - full access; data can be viewed, entered, changed and deleted.
	Back for X days - used for authorizations for single documents; this parameter specifies for how many days in the past the user can change or delete documents. Examples: 0 = the current day, 1 = the current day and the day before, 30 = thirty days back, -1 = unlimited; documents can always be changed or deleted. See also Time Limit for Changing Documents.

	Authorizations without proper user identification are useless. If using authorizations, make sure users log on with their individual user names and passwords. It is also recommended to set a minimum password length to minimize unwanted intrusions.
	In some cases, (e.g. Items register authorizations ), only two authorization levels are available: None and Delete. Read and Write are not used, but if they are nonetheless selected, they count as Delete.