DocKosha
Product Demo

Data Room Workflow

Build a data room, apply granular access controls, and monitor engagement at the room level.

All demosBack to features

Configure user groups and allow/block rules

Demo segment 6.2.1. Use next/previous to move across this workflow.

Data Room Workflow
Step 1Step 2Step 3
Previous StepNext StepOpen MP4

Step Walkthrough Notes

Notes loaded from the matching markdown file for this step.

Video walkthrough (DocKosha): Create a share link using User Groups, Allowlist, Blocklist, and ALC (Advanced Level Control) — then test the viewer flow

What this video is showing (in plain words)

You’re building a secure data-room link and deciding who can view what:

  • User Groups = reusable lists of people (usually by email).
  • Allowlist = who is allowed in.
  • Blocklist = who is explicitly denied (even if they’d otherwise be allowed).
  • ALC (Advanced Level Control) = per-folder / per-document rules (most granular).
  • Viewer flow = the recipient opens the link and verifies their email (OTP) before viewing.

Step-by-step (follow this exactly)

Step 1 — Create reusable User Groups

  1. In the left sidebar, click User groups.
  2. Click New group.
  3. In the Create user group popup:
    • Enter a Group name (example shown: Finance stakeholders).
    • Paste emails (the UI expects one email per line).
  4. Click Create group.
  5. Repeat if you need multiple groups (example shown: an Investor group).

Why this matters: You can reuse the same group in multiple data rooms and links without re-entering emails.

Step 2 — Open the Data Room you want to share

  1. In the left sidebar, click Data Rooms.
  2. Open the room you want to share (example shown: Investors Docs).
  3. Click Share (top/right area).

Step 3 — Create your first link (baseline link)

  1. In the Share screen, click Create first link.
  2. This generates a shareable link you can later copy and send.

Tip from the video: Use Create New Link when you want a different access policy for another audience (e.g., investors vs. partners vs. press).

Step 4 — Start a “new link” for a different access policy

  1. From the Share screen, click Create new link.
  2. On the link setup screen (tabs like Basics / Security / Access):
    • Set a Link name (example shown: ALC).
    • Customize the URL slug (example shown: investor-update-march).

Step 5 — Configure Access: Allowlist + Blocklist

  1. Go to the Access tab.
  2. Decide how you want to restrict access:

Option A: Global Allowlist (simple “who can enter”)

  • Add allowed people via:
    • Allowed emails (type email → click Add)
    • Allowed groups (select an existing group like Investor)

Option B: Blocklist (explicit deny)

  • Add:
    • Blocked emails
    • Blocked groups

Reality check: Blocklist is your “hard no.” If someone is blocked, they should be denied even if they’re in an allowed group.

Step 6 — Turn on ALC (Advanced Level Control) for per-file access rules

  1. In the Access tab, click Enable ALC.
  2. The video calls out an important behavior:
    • When ALC is enabled, global allowlist is disabled.
    • You must configure access inside the ALC settings (or clear ALC to go back to global allowlist).

Step 7 — Create an ALC rule (example: allow a specific PDF for Investor group)

  1. In the ALC modal, pick the scope:
    • Room Wide = broad rules for the whole room
    • Folders = folder-level rules
    • Documents = individual file rules (the video focuses on this)
  2. Click Documents.
  3. Click to create your first rule.
  4. In Add Document Rule:
    • Choose the Target document (example shown: QBR_Adoption_Report - Q1.pdf)
    • Under Detailed access: Groups, select the group (example shown: Investor)
    • (Optional) You can also add specific emails in Detailed access: Emails
  5. Click Create Rule.
  6. Confirm the rule appears in the list, then click Done to activate/save.

Step 8 — Create the link and copy it

  1. Back on the link creation screen, click Create (bottom/right).
  2. Copy the generated URL.

Step 9 — Viewer experience (what the recipient sees)

  1. Open the link in a new/private window (to simulate an external viewer).
  2. The viewer is prompted with Email Verification Required.
  3. Viewer enters their email and clicks Send Code.
  4. Viewer receives a 6-digit OTP and enters it.
  5. Viewer clicks Verify to confirm access.
  6. Viewer can now:
    • Browse the visible documents/folders
    • Click View on a document to open it in DocKosha’s viewer
    • The video specifically calls out confirming the right files are accessible without downloads (as configured)

Practical notes (so you don’t mess it up later)

  • User Groups scale better than typing emails every time.
  • Use Allowlist when you want only specific people/groups to enter.
  • Use Blocklist when you want a hard deny list (e.g., ex-employees, leaked addresses).
  • Use ALC when you need rules like:
    • “Everyone can see the folder list, but only investors can open File X”
    • “Group A sees Folder A, Group B sees Folder B”
  • If ALC is ON, configure access inside ALC (global allowlist won’t apply).

Continue exploring

Move to the next demo workflow or go back to the full list.

Previous demoNext demoAll demos