Expensify.org/hunger SNAP campaign status
We’re no longer accepting new participants as our focus is on reimbursing existing claims. While we’re unable to provide a specific timeline on when your report will be reimbursed, we’re doing our best to drive donations and keep reimbursements moving forward. If you know anyone who can donate to this campaign please encourage them to enable Personal or Corporate Karma on their Expensify account.

We're currently experiencing issues with our American Express and Capital One connections. Please visit our status page for more details and to subscribe to updates.

Deep Dive: Domain Groups and permissions — what are they all about?

Ariel GreenAriel Green Expensify Team Posts: 87 Expensify Team
edited February 26 in Deep Dive Docs
Let's talk about Domain Group permissions and how each setting works in Expensify. As a reminder, Domain Groups can be accessed by navigating to Settings > Domains > [Domain Name] > Domain Groups.

Here's a screenshot of Domain Group settings:

Expensify Card unapproved expense limit

When an amount above $0.00 is entered in a Domain Group, all users that belong to the corresponding Domain Group will be prompted to receive an Expensify Card in their Expensify Inbox. Settings up an unapproved expense limit through your Domain Group is a great way to set limits across groups of users (rather than setting limits for each use one-by-one). 

Strictly enforce expense policy rules

If enabled, every rule that has been set for the policy will need to be satisfied before the report can be submitted for approval. If there is a policy violation on an expense, the employee will not be able to submit the report. If this feature is disabled, employees will be able to dismiss policy violation notifications and submit their reports without correcting them.

Restrict primary login selection

If enabled, users will not be able to make a non-company domain email address their primary email address (thus bypassing permissions set up via Domain Control). Employees will still be allowed to add secondary logins.

Restrict expense policy creation/removal

If enabled, users will be prevented from creating new group policies or personal subscriptions, and will not be able to remove themselves from an existing policy.

Note: If enabling this rule, it is recommended that a separate group is created for admins who need the ability to create new reports with the rule disabled.

Restrict primary policy selection

If enabled, group members will only be able to create and submit reports under the designated policy. This is useful when you have employees that are approvers for multiple policies but should only submit their own expenses under a single policy. 

Have a question or want to know more? Start a discussion here!

Tagged:
Flag · Accept Answer Off Topic Insightful Vote Up Awesome
Sign In or Register to comment.