Every modern building is powered by data. It tells you how much energy you’re using, how equipment is running, and when something needs fixing. But all that data only helps if you can control who sees it and who can make changes. 

At Willow, we help building owners and managers do this with clear, role-based access controls and detailed permissions. It’s a straightforward approach that solves a surprisingly common problem. 

The Problem with “All or Nothing” 

Without proper access management, you’re often stuck with an all-or-nothing choice. Many older systems only let you give someone full access to everything or nothing at all. 

To keep projects moving, people end up with far more access than they really need. A contractor sees data for an entire building when they’re only working on one floor. Tenants might see operational settings they shouldn’t touch. Maybe someone keeps old login credentials nobody remembers to remove. 

Over time, this creates confusion and opens the door to mistakes. Someone could adjust equipment settings by accident or share information they shouldn’t. Fixing these mistakes wastes time, adds costs, and puts trust at risk. 

How Fine-Grained Access Solves This 

Good access control matches what people can do to what they actually need to do. Willow’s Access Management makes this simple and practical. Here’s what sets it apart: 

  • Clear Roles: Use over 10 ready-made roles — like Portfolio Admin, Site Admin, Writer or Viewer — or create custom ones that fit your teams. 
  • Detailed Permissions: Choose from more than 130 unique permissions to decide exactly what people can view, edit, approve, or manage. 
  • Location-Based Access: Give people access for a single floor, one building, or an entire portfolio — whatever fits their job. 
  • Single Sign-On: Connect with your existing login systems like Azure AD or Okta so people sign in once and get the right level of access automatically. 
  • Full Visibility: Quickly check who has access to what, update it when roles change, and remove access when projects end. 
  • Track Changes: All updates are logged so you always know who did what – which helps keep compliance and audits simple. 

Access Management Architecture  

Our Access Management system is built around five main building blocks that work together to keep your data secure and easy to manage: 

  1. Users
    The people in your organisation who need access – staff, contractors, managers, or partners.
  2. Groups
    Users can be grouped together based on their department, project, contractor company, or other shared responsibilities. This makes it faster to manage permissions for teams instead of one person at a time.
  3. Roles
    Each role defines what a user or group is allowed to do. For example, an Admin can manage system settings, while a Viewer can only read reports.
  4. Permissions
    The specific actions someone can take – like viewing twin data, changing settings, managing insights, or viewing dashboards. With more than 130 unique permissions available, you can build exactly the level of control you need.
  5. Assignments
    Assignments link Users (or Groups) to Roles and Permissions for a specific scope — like a building, floor, or portfolio. For example, you can assign a contractor group the ‘Contractor’ role with permissions limited to just one building.

This means you always have a clear map of who can do what, where — and you can change it in minutes if needed. 

A Practical Example 

Picture a university campus. Without fine-grained access, a contractor fixing air conditioning in one lab might get the same access as the full facilities team — simply because there’s no better way to give them what they need. 

With Willow’s Access Management: 

  • The facilities manager controls systems for all buildings. 
  • A contractor group only sees twins or buildings they are permitted to. 
  • The sustainability team can view energy data but can’t adjust any equipment. 
  • An IT administrator accesses our Public API, but only for specific twins or systems relevant to their role, ensuring no unnecessary data is exposed. 

This level of control takes minutes to set up and is just as easy to adjust when people or projects change. 

Key takeaways 

  • Most legacy systems offer only all-or-nothing access, often resulting in permissions beyond what’s needed and added risk. 
  • Willow’s Access Management lets you define who can do what, where — with over 130 permissions and support for custom roles, giving you total control. 
  • Access can be scoped to a floor, building, or entire portfolio, making it easy to fit the tool to your org chart. 
  • Changes take minutes, not hours, and give you full visibility into user activity for easier audits and compliance. 

Good access control doesn’t just protect your data; it keeps everyday work flowing smoothly. Teams get what they need, mistakes drop, and onboarding new people is quicker and cleaner. That’s why universities, hospitals, and large commercial property owners trust Willow’s Access Management to scale safely and securely. 

Which of your workflows could move faster if every team member had the right access from the start?