Skip to content
Support
  • There are no suggestions because the search field is empty.

Feature Flag Guide

This guide explains how Hapax feature flags work, including:

  • Account-level vs. user-level flags

  • Which settings become the defaults for a new tenant

  • How precedence works (what “wins” if settings conflict)

  • A recommended starter profile and a catalog of current flags

Quick mental model: flags are safety rails first and features second. If something is disabled at the tenant level, a user cannot re-enable it for themselves.

1) Scopes and precedence

Scopes:

Account-level (tenant) flags

  • Apply to everyone in the tenant by default.

User-level flags

  • Apply to one specific user only.

Flag type:

All flags are boolean: ON or OFF.

Precedence (what wins):

Hapax uses a “most restrictive wins” approach.

  • If the tenant flag is OFF, the feature is OFF for everyone (even if a user is ON).

  • If the tenant flag is ON, a user can still be set to OFF for themselves (more restrictive).

Rule of thumb: Tenant OFF overrides User ON.

2) Defaults for new tenants

Where defaults are set:

Go to Feature Flags settings in Hapax.

What “defaults” means:

When a new tenant is created, Hapax applies a baseline set of user-level defaults that new users inherit (admins can adjust later).

Admin best practice:

  • Set conservative controls at the tenant level

  • Grant broader access at the user level only when appropriate (pilot groups, advanced users, admins, etc.)

3) Recommended starter defaults 

Use this as a sensible baseline and tune to your risk posture.

Core editing and document handling:

ON

  • document

  • edit-document

  • document-attachment

  • rename-version

  • duplicate-version

  • restore-version

  • version-actions

  • version-changed-parts

  • past-version

  • download-file

  • download-version

  • download-history

  • move-file

  • upload-document

  • user-preferences

  • settings

  • templates

  • context-management

  • saved-prompt

  • workflows

  • integrations

  • request-edit

OFF

  • delete-file (destructive)

  • delete-version (destructive)

  • upload-bulk (enable later if needed)

Governance signals (keep visibility high)

ON

  • change-impact

  • changes

  • approval-changed-parts

  • institution-groups

Why this profile works: it enables day-to-day work while limiting destructive actions (deletes, bulk uploads) until your processes and approvals are proven. It also keeps governance visibility on so editors and approvers have context.

4) Flag catalog

Flag key Description Area Suggested new-tenant default
approval-changed-parts Show parts changed that require approval context Versioning / Approvals ON
change-impact Detect/raise related-document impacts during edits Governance ON
changes Enable change tracking visuals in editor Editor ON
comment-actions Allow comment/reply/resolve on doc text Collaboration ON
context-management Manage Current Context items in chat/workflows Assistant ON
delete-file Allow deleting documents Vault OFF
delete-version Allow deleting document versions Vault OFF
document Core document object actions enabled Vault ON
document-attachment Attach files to documents (related artifacts) Vault ON
download-file Download document files Vault ON
download-history Download version/change history exports Vault ON
download-version Download a specific version Vault ON
duplicate-version Duplicate a version as a starting point Versioning ON
edit-document Edit content (enter Edit mode) Editor ON
institution-groups Use institution groups as principals Access ON
integrations Use Google/Microsoft integrations Integrations ON
move-file Move docs/folders in Vault Vault ON
past-version View Past (historical) versions Versioning ON
rename-version Rename a version label Versioning ON
request-edit Request edit access workflow Governance ON
restore-version Restore an older version to Edit/Live Versioning ON
saved-prompt Use and manage Saved Prompts Assistant ON
settings Access user/org settings panels Admin / User ON
templates Use document/templates features Editor ON
upload-bulk Bulk upload documents Vault OFF
upload-document Upload single documents Vault ON
user-preferences Access User Preferences User ON
version-actions Show version-level actions menu Versioning ON
version-changed-parts Highlight changed parts by version Versioning ON
workflows Build/run workflows Workflows ON

*Suggested defaults are a starting point—tune to your risk appetite. Remember: tenant OFF overrides user ON.

5) Precedence scenarios (fast intuition)

  1. Tenant disables deletes

  • Tenant: delete-file = OFF

  • Alice: delete-file = ON
    Effective: OFF (Alice still cannot delete)

  1. User is more restrictive than tenant

  • Tenant: workflows = ON

  • Bob: workflows = OFF
    Effective: OFF for Bob only (everyone else remains ON)

  1. Safest way to pilot a risky capability

  • Tenant: upload-bulk = OFF

  • Pilot users: upload-bulk = ON
    Effective: Pilot users can bulk upload; everyone else cannot

If you later switch tenant ON, bulk upload becomes available tenant-wide unless specific users are set to OFF.

6) Operational guidance 

  • Start restrictive at the tenant level for destructive or high-scale actions (deletes, bulk uploads).

  • Use small pilots with user-level enablement before broad rollout.

  • Document your decisions: who got access, why, and for how long (especially for governance- and workflow-related flags).

7) FAQ

Where do I set defaults for a new tenant?
In Feature Flags settings. Configure the user-level defaults that new users inherit at tenant creation.

Can a user override an account flag?
Only to be more restrictive for themselves. If the tenant is OFF, user ON is ignored.

Are flags percent-based or variant-based?
No. All flags are boolean.

What’s the safest way to trial a risky capability?
Keep the tenant OFF, enable user-level ON for a small pilot group.

Do guardrails still apply if a flag is ON?
Yes. A feature flag may enable a capability, but Custom Guardrails can still warn or block actions based on your rules.