Inherent Access
Mosaic automatically connects staff with the data they need based on their role in the school — no manual setup required.
Inherent Access is a permission layer that grants staff members access to student and staff records based on their relationships rather than their assigned roles. When a teacher is assigned to a class, they automatically gain access to those students’ records. When a supervisor is assigned over another staff member, they can view that person’s employment data. This happens without any administrator intervention.
Inherent Access works alongside roles and individual grants. Together, these three layers determine what each user can see and do in Mosaic.
How It Works
Section titled “How It Works”Every staff member in Mosaic may have one or more relationships with students or other staff. These relationships are determined automatically based on data already in the system — class enrollments, homeroom assignments, support staff designations, and supervisory structure.
When a staff member logs in, Mosaic checks their relationships and grants the appropriate level of access for each one. This means:
- A teacher who is enrolled on a math class automatically gets access to those students’ profiles, attendance, and grades.
- A homeroom teacher gets slightly broader access, including the ability to view family access and locker information.
- A counselor assigned as support staff for a student can view and edit that student’s support plan.
Relationship Types
Section titled “Relationship Types”Mosaic recognizes six relationship types, divided into student relationships (access to student data) and staff relationships (access to other staff data).
Student Relationships
Section titled “Student Relationships”| Relationship | How It's Determined | Typical Use |
|---|---|---|
| Class Teacher | Automatic — when a teacher is listed on a class that the student is enrolled in | Subject teachers, co-teachers, teaching assistants assigned to a class |
| Homeroom Teacher | Automatic — when a teacher is assigned as the student's homeroom teacher for the year | Primary teacher, homeroom advisor, grade-level teacher |
| Support Staff | Manually assigned by an administrator through the student's support staff list | Counselors, therapists, special education coordinators, learning support specialists |
| Division Principal | Automatic — when a staff member is designated as the principal of a division that contains the student's grade level | Division principals, area coordinators, section heads responsible for a specific set of grade levels |
Staff Relationships
Section titled “Staff Relationships”| Relationship | How It's Determined | Typical Use |
|---|---|---|
| Supervisor | Automatic — based on the supervisory assignment in staff records | Principal supervising teachers, department head overseeing a team |
| Self | Automatic — every staff member has this relationship with their own record | Viewing your own profile, schedule, attendance, and employment information |
What Access Is Granted
Section titled “What Access Is Granted”Each relationship type comes with a set of default access levels. These defaults are designed to give staff what they need without overexposing sensitive information.
Access Levels
Section titled “Access Levels”Most permissions use a straightforward None / View / Edit scale, but certain permissions have specialized levels:
| Level | Description |
|---|---|
| None | No access to this type of data through this relationship. |
| Basic | Limited identifying information only (name, grade/position, photo). Applies to Student Profile and Staff Profile. |
| View | Can see the data but cannot make changes. |
| Contributor | Can read existing entries and add new ones. Applies to journal-type permissions (Attendance Journal, Discipline Journal, Health Journal, Support Journal, Communication Journal, Admissions Journal, Academic Journal, Employment Journal, Staff Attendance Journal, Supervision). |
| Edit | Can see and modify the data. For non-journal permissions, this is the highest level. For Student Profile and Staff Profile, this is the highest level (level 3). |
Default Access by Relationship
Section titled “Default Access by Relationship”The tables below show what each relationship type grants by default. These are Mosaic’s recommended settings and can be customized by your school.
Class Teacher Defaults
Section titled “Class Teacher Defaults”Grants view access to most student information, with contributor access to journals and edit access to discipline and service hours.
| Permission | Access Level |
|---|---|
| Student Profile | View |
| Student Schedule | View |
| Student Attendance | View |
| Attendance Journal | Contributor |
| Student Discipline | Edit |
| Discipline Journal | Contributor |
| Student Health | View |
| Health Journal | View |
| Student Support | View |
| Support Journal | View |
| Language Development | View |
| Student Resources | View |
| Communication Journal | Contributor |
| Student Admissions | View |
| Admissions Journal | View |
| Academic Record | View |
| Academic Journal | Contributor |
| Service Hours | Edit |
| Family Access | No access |
| Locker Assignments | No access |
Homeroom Teacher Defaults
Section titled “Homeroom Teacher Defaults”Grants the same access as a class teacher, plus view access to Family Access and Locker Assignments.
| Permission | Access Level |
|---|---|
| Student Profile | View |
| Student Schedule | View |
| Family Access | View |
| Locker Assignments | View |
| Student Attendance | View |
| Attendance Journal | Contributor |
| Student Discipline | Edit |
| Discipline Journal | Contributor |
| Student Health | View |
| Health Journal | View |
| Student Support | View |
| Support Journal | View |
| Language Development | View |
| Student Resources | View |
| Communication Journal | Contributor |
| Student Admissions | View |
| Admissions Journal | View |
| Academic Record | View |
| Academic Journal | Contributor |
| Service Hours | Edit |
Support Staff Defaults
Section titled “Support Staff Defaults”Grants focused access to what support staff work with directly. More conservative than class or homeroom teacher access — notably excludes Family Access, Locker Assignments, Admissions, Admissions Journal, and Service Hours.
| Permission | Access Level |
|---|---|
| Student Profile | View |
| Student Schedule | View |
| Student Attendance | View |
| Attendance Journal | View |
| Student Discipline | View |
| Discipline Journal | View |
| Student Health | View |
| Health Journal | View |
| Student Support | Edit |
| Support Journal | Contributor |
| Language Development | Edit |
| Student Resources | View |
| Communication Journal | Contributor |
| Academic Record | View |
| Academic Journal | View |
| Family Access | No access |
| Locker Assignments | No access |
| Student Admissions | No access |
| Admissions Journal | No access |
| Service Hours | No access |
Division Principal Defaults
Section titled “Division Principal Defaults”Grants broad edit access to student data within the principal’s assigned divisions — similar to school-wide admin access but scoped to students in specific grade levels.
| Permission | Access Level |
|---|---|
| Student Profile | Edit |
| Student Schedule | Edit |
| Family Access | Edit |
| Locker Assignments | Edit |
| Student Attendance | Edit |
| Attendance Journal | Contributor |
| Student Discipline | Edit |
| Discipline Journal | Contributor |
| Student Health | Edit |
| Health Journal | Contributor |
| Student Support | Edit |
| Support Journal | Contributor |
| Language Development | Edit |
| Student Resources | Edit |
| Communication Journal | Contributor |
| Student Admissions | Edit |
| Admissions Journal | Contributor |
| Academic Record | Edit |
| Academic Journal | Contributor |
| Service Hours | Edit |
Supervisor Defaults
Section titled “Supervisor Defaults”Grants access to subordinate staff members’ professional records.
| Permission | Access Level |
|---|---|
| Staff Profile | View |
| Sensitive Staff Info | View |
| Staff Schedule | View |
| Staff Attendance | Edit |
| Staff Attendance Journal | Contributor |
| Employment Records | View |
| Employment Journal | Contributor |
| Professional Development | Edit |
| Staff Supervision | Contributor |
| Staff Resources | View |
Self Defaults
Section titled “Self Defaults”Allows staff to view their own records. This is intentionally read-only — staff can see their profile, schedule, and employment information but cannot modify it through Mosaic.
| Permission | Access Level |
|---|---|
| Staff Profile | View |
| Sensitive Staff Info | View |
| Staff Schedule | View |
| Staff Attendance | View |
| Staff Health | View |
| Employment Records | View |
| Professional Development | View |
| Staff Resources | View |
Customizing Inherent Access
Section titled “Customizing Inherent Access”Administrators with the appropriate permissions can customize the default access levels for each relationship type.
How to Access the Settings
Section titled “How to Access the Settings”Settings Dropdown (under your name, top right) → District Settings → User Access → Inherent Access
The Inherent Access settings page displays a card for each of the six relationship types. Each card shows:
- The current access levels for that relationship
- Whether the relationship is using Mosaic defaults or has been customized
- A summary of what has changed from the defaults (if customized)
Making Changes
Section titled “Making Changes”- Click Customize on the relationship card you want to modify.
- In the dialog, each permission is shown with a dropdown for its access level (None, View, Edit, or Contributor depending on the permission type).
- Permissions that match the Mosaic default are marked with (default).
- Adjust the levels as needed for your school’s policies.
- Click Save to apply the changes.
Changes take effect immediately for all users in your school.
Reverting to Defaults
Section titled “Reverting to Defaults”If you’ve customized a relationship and want to go back to Mosaic’s recommended settings, click the Revert to Default option on the relationship card. This removes all customizations and restores the original access levels.
How Permission Layers Work Together
Section titled “How Permission Layers Work Together”When a user logs in, Mosaic combines permissions from multiple sources to determine their final access. The layers are:
- Inherent Access — automatic, based on relationships (described on this page)
- Role Permissions — based on the user’s assigned role (e.g., Principal, Faculty)
- Individual Grants — one-off permissions given to specific users
At each layer, the highest access level wins. This means:
- If Inherent Access grants View and the user’s role grants Edit, the user gets Edit.
- If the user’s role grants None but Inherent Access grants View, the user still gets View.
- Permissions can only be added, never reduced. A role cannot take away access that Inherent Access provides.
Example: A Teacher with the Faculty Role
Consider a teacher assigned the Faculty role who teaches 3rd grade Math:
- The Faculty role provides general platform access (email, calendar, Help Desk) plus view access to basic student information for all students.
- Class Teacher inherent access automatically grants view access to their Math students’ profiles, attendance, health, discipline, and academic records.
- Homeroom Teacher inherent access (if they are the homeroom teacher) adds the ability to view family access and locker information.
- Division Principal inherent access (if they are also a division principal) grants broad edit access to students within their division’s grade levels.
- Self inherent access lets them view their own staff profile, schedule, and employment records.
The teacher ends up with the combination of all these layers — broad view access to their students’ records and basic platform features from their role, without anyone having to manually configure student-by-student access.
Example: A Counselor with Support Staff Access
A school counselor assigned the Student Support role and designated as support staff for several at-risk students:
- The Student Support role grants broad view access to all student information and the ability to edit support records.
- Support Staff inherent access provides focused access to their specifically assigned students’ profiles, schedules, health, academic records, and the ability to edit support records and contribute to journals.
- Even if the role were changed, the counselor would retain access to their assigned students through the Support Staff relationship.
This means support staff access follows the assignment — if a student transfers to a different counselor, the new counselor automatically gains access while the previous one loses it (once removed from the support staff list).
Frequently Asked Questions
Section titled “Frequently Asked Questions”Do I need to set up Inherent Access for new teachers?
No. Inherent Access is automatic. As soon as a teacher is assigned to a class or designated as a homeroom teacher, they gain the appropriate access. No administrator action is needed.
What happens when a teacher is removed from a class?
They lose the Class Teacher relationship for those students, and the associated inherent access is removed. If they are still the homeroom teacher, they retain Homeroom Teacher access. If they have no other relationships, they fall back to whatever their assigned role provides.
Can I give a specific teacher more access without changing the defaults for everyone?
Yes. Use Individual Grants to give a specific user additional permissions without modifying the inherent access defaults. Individual grants are managed through the user’s permission settings.
Can I restrict a specific teacher's inherent access?
No. Inherent Access is a floor, not a ceiling. You cannot reduce access below what a relationship grants. If you need to limit what a teacher sees, you would need to remove the relationship itself (for example, removing them from a class or from the support staff list).
Why do some permissions not appear in the Inherent Access settings?
A few permissions are managed exclusively through roles and are not customizable through Inherent Access. These include basic information (name, grade, photo) — which is always available to anyone with a relationship — and certain reporting and system permissions that apply at the school or district level rather than at the individual student or staff level.
What is the difference between Edit and Contributor?
Edit grants full read and write access to a data area (e.g., editing attendance records or discipline records). Contributor is specific to journal-type permissions and means the user can read existing entries and add new ones, but cannot modify or delete entries made by others. Most journal permissions (Attendance Journal, Discipline Journal, Communication Journal, etc.) use the Contributor level rather than a general Edit.