Welcome! This forum has a treasure trove of great info – Scouters helping Scouters! Just a heads up, though - all content, information, and opinions shared on this forum are those of the author, not the BSA.
I’ve got a MB Counselor who used to be an assistant scoutmaster, but whose permissions have since been removed. Today, she went to mark off a scout’s physical fitness merit badge. When I (Advancement Chair) went to approve it in Scoutbook+, I noticed that it was already approved. Going back to Scoutbook, i see it says:
Counselor: XX
Marked Completed 9/23/2025 by XX
Leader Approved 9/23/2025 by XX
How is this possible? I thought the only person who can leader approve are SM and advancement? I don’t know the roles in Scoutbook+ but in Scoutbook for sure when I check the connections, she doesn’t have any privileges to be editing profiles or advancement.
The Scout’s ID is 140603658, and the merit badge is Personal Fitness
They’re not. The first thing I checked was position manager and she is not an assistant SM anymore.
Last night I unchecked the leader approved box because we have a system of marking for showing a scout turned in blue cards. If you look at the audit trail you’ll see that she was originally there as being the person who leader approved the MB.
Scoutbook keeps very little in terms of audit. By unapproving the MB, you have most likely deleted the necessary information to look into this issue.
Keep in mind, in Legacy Scoutbook, when an MBC approves a requirement, it is automatically Leader Approved to keep it off of the Needs Approval report. Scoutbook Plus operates slightly differently but there is currently no way for an MBC to Counselor Approve in Scoutbook Plus.
If you post the Scouting America Member ID (no names) of the MBC we can try to see what data may still be available.
If you see this issue in the future, please report it but do not make any changes to the record until we can capture data necessary for debug.
Wow. I just checked again. Is this a bug in the My Scouting system? Under roster she is listed as ASM. Under position manager she isn’t! Under profile details in Scoutbook legacy she also only has membership as committee member!
Not only that the first thing I also checked was Scoutbook Legacy and she does not have any permission under Connections Manager.
Where can I find info on the roles and permissions in Scoutbook+. I know it’s not the same as Scoutbook Legacy but since I can’t find the mapping I can’t audit our troops position assignment to make sure people have the right permissions.
The MBC was an ASM in your troop from 8/6/24 to 8/23/25. She became a committee member on 8/23/25.
The Personal Fitness MB was completed on 8/17/23 so at that time the MBC was an ASM.
The MBCs current connection to the Scout is only as an MBC but we do not have connection history so I can’t say if at the time the MB was completed, if the MBC had an Edit Advancement connection or not. I suspect there was because we have never had an issue where an MBC who was not a leader in the unit with Edit Advancement or Full Control was able to leader approve a MB.
I would say this was a user error at the time of entry and not a bug. In addition the MBC’s current roles in Scoutbook match her registration so I do not believe there is an issue in my.scouting.or either.
Wow. I understand the logic now in the system letting her
Okay. But I think this is a bug.
As I stated in my original post, the Scoutbook Legacy app says she marked it as complete on 9/23/25 and leader approved it in 9/23/25
I wish the new system states it so clearly. It’s really hard to find such an info without trying to wade through audit trails.
Also. I have no screenshot of this. But I always make sure people don’t have permissions in connections manager other than SM or past SM or Advancement Chair precisely because I don’t want them to be marking things I’m not aware of. For sure she didn’t have permission in Connections Manager as of 9/23 because I tried to remove most of her ASM related permissions back in August early September when we found out she wasn’t returning.
So by your description maybe the system auto approved this merit badge when she checked off all the requirements? I know in Scoutbook you can either state a requirement is met individually or just mark the whole MB as completed. But it isn’t clear to me from Scoutbook+ audit log how she did it.
However I also don’t know if she went into Scoutbook+ to enter the info because she is allowed as a bug thinking she’s still an ASM or she logged into Scoutbook and marked it off there as a MB.
As I have said, this is not a bug and will not be addressed as such.
As Advancement Chair, per the Guide to Advancement, you have no say over who can approve advancement. The Guide to Advancement gives all authority over advancement to the Scoutmaster. The Scoutmaster alone has the authority to decide who can sign off on any advancement except Merit Badges, which are reserved for MBCs. The final approval for MBs is to acknowledge the Scoutmaster or designee has had a conversation with the Scout regarding the MB experience, not to retest or check if the Scout completed requirements.
I understand. But she isn’t an SM. She was an ASM. She wasn’t an ASM when she marked off the MB as leader approved. To me the bug is that anyone can post date any MB and if they were in position at the time then the system lets them. That makes sense to a certain extent but in our instance we have an adult leader who has left the troop though she’s not off our roster. I tried to at least expire her position because getting someone off a roster requires an email and our council is inundated during renewal time.
And we wouldn’t want her in this case, nor would we want anyone who has left the troop to be dating any scouts advancement records just because they should have had the permission when the scout earned that.
How would we know then if they’re doing something that we don’t want them to do?
I did change permissions in connections manager. I’m fairly certain of that. Though I did notice that connections manager doesn’t update all permissions when a new scout arrives or leaves and that certain people have edit advancement permissions for specific scouts (I’m conjecturing because they were added as MBC for that scout?).
So I thought it was a bug because all she is is a MBC as of 9/23 and therefore she shouldn’t have permission But I don’t have audit records of Connections Manager to verify what permission she had yesterday.
Anyways it sounds like anytime I have any position changes I now need to make sure connections manager is up to date as this is most likely the reason that she was able to still approve as of yesterday even though her position expired back in August
Or just educate your leaders on how to use the system. I have had all ASMs and may committee members with Edit Advancment for years and have had ZERO issues because I educate my leaders how to use the system.
Yes. I just did. However my concern still stands. What’s to stop someone who has left the troop, been removed from positions on My Scouting, removed from position on Scoutbook, from approving things that happened while they were a leader? I personally don’t think they should have the right to do that after they’ve left a troop and we’ve marked them as not having those positions. Imagine a scoutmaster who still has power to approve things after a new SM comes in. But the new SM has a different way of doing things. Since someone has left, it isn’t like we can talk to them or educate them on what to do or not to do.
Is the solution to teach everyone to always look at Connections Manager? That that’s actually the ultimate permission? Not anything else?
I don’t think it’s about reading the minds of SM. It’s about implied permissions and how a system ought to work. I also totally understand that Connections Manager is old and may be just unfixable.
Connections Manager should work where if you’re saying a SM, Committee Chair, COR have troop admin rights then they auto update. Right now they don’t. These three , as far as I can tell, don’t have edit advancement rights for any new scouts that join. Maybe it’s the migration to Scoutbook+? I don’t know why.
Similarly if I removed someone as troop admin role then they should no longer have edit advancement privileges in Connections Manager. but right now from my quick usage, it looks like they do. The manager isn’t reflecting role assignments.
Understanding how the permissions work requires a bit of a history lesson, unfortunately. Permissions are currently something of a morass due to the combination of classic Scoutbook and SB+. Keep in mind this is entirely from the POV of a unit scouter who does not have any special insight under the hood of the system. So, I might be wrong about some details, but the broad brush strokes are based on my direct observations of the systems since prior to the purchase of Scoutbook by Scouting America (then BSA).
Prior to Scouting America’s purchase of Scoutbook, Scoutbook exclusively looked at the connections and permissions established in Connection Manager, which were largely unrelated to the positions assigned in Scoutbook (which themselves were totally disconnected from the official registered positions in my.scouting). At that time, anyone with Unit Admin roles in Scoutbook could assign any connections and any permissions to any adult at all, including assigning the parent/guardian roles to non-parents/guardians. After the purchase, there was increasing harmonization between being officially registered as a scouter in the unit and having what might be thought of as “leader” permissions in Scoutbook. However, units could and did likely work around this to facilitate local practices by assigning various adults as Unit Admins, which provided Full Control permissions to all scouts automatically. There were no default connections granted to ASMs or committee members, except where those individuals were also parents of scouts in the system and had default permissions/connections to them.
Permissions in Scoutbook consisted of:
View Profile - Allows connected adult to view profile information; Default level for most leader roles in Scoutbook once connected to youth. Only available level for non-scouter adults when connected to other youth. View Advancement - Allows connected adult to view advancement information; Default level for most leader roles in Scoutbook once connected to youth. Only available level for non-scouter adults when connected to other youth. Edit Profile - Allowed access to edit profile parameters in Scoutbook Edit Advancement - Allowed access to edit advancement parameters in Scoutbook. Full Control - Includes Edit Profile and Edit Advancement, plus various other permissions including the ability to delete an account. Default connection level of Unit Admins, Key 3 and (eventually) parents relative to their own scouts. Note that parents who were not also registered scouters could not Leader Approve any advancement.
When SB+ came along, originally as Internet Advancement 2, it was functionally restricted to registered Unit Key 3, and basically nobody else. Various functional roles were created in my.scouting to permit some limited degree of workload sharing, but there were many units for whom the limited number of functional slots didn’t provide adequate assistance. Both SB+ and Scoutbook wrote to the same advancement database, but they were not yet blended. Various things started moving over to SB+ like reports, calendars, and eventually all of advancement for packs (and now almost everything for troops). To minimize the amount of disruption, SB+ (at least to some extent) respected the permissions that were granted in classic Scoutbook to provide continuity of access. Ultimately, based on posts in the boards here, the intent is to tie access and permissions much more closely to registered positions.
However, in the interim, we have both systems attempting to run in parallel with what appears to be a bit of a kludge with regard to permissions. Some permissions are being limited by registered scouter position, some appear to have been carried over from prior functional roles in my.scouting or assigned roles (like Unit Admin) in classic Scoutbook. Some appear to be broken altogether. The more specific information the SUAC volunteers can provide to the developers, the more successfully the developers can find the bugs.
That’s never been the way that the system functioned. Being a Unit Admin automatically granted connections and permissions, but having the role removed didn’t automatically remove the permissions that had already been granted. That was then done in a second step using Connections Manager, or for folks who had left the unit altogether using the “Clean Old Connections” button. In addition, the Unit Admin role has always had some sort of underlying bug that never appears to have been fully identified whereby the automatic granting of permissions appeared to “break” and the role appeared to be current but in fact was not working/granting permissions. Its been investigated many times over more years than Scouting America has owned Scoutbook, but never fully resolved. The only workaround identified to my knowledge was for another Unit Admin to go in and re-grant the Unit Admin role.
If specific scouters registered in Key 3 positions (i.e. not just with those roles in Scoutbook) don’t have access to edit advancement, then that seems like a separate bug from what you were describing above (i.e. prior ASM/MBC appears to have Leader Approved a MB after they were no longer in an ASM role). If you provide the Scouting American Member IDs for those scouters (no names, please!), the SUAC may be able to look into things to see if they can identify what’s going on.
ETA: I don’t know if you’ve already looked there, but there are a number of knowledge base articles on the permissions structures for SB and SB+ at the help wiki here:
They may be more-or-less out of date in some cases, given that porting the system largely takes precedence over updating the help files (especially since it’s hard to explain how it works until it’s finished). So, watch the last updated dates to see whether to suspect something is out of date or not.
Wow. Thank you so so much for the detailed reply. That really explained a lot of what I’d been seeing working in Scoutbook! I think I now know how to work the system more. I will go look at the website you mentioned to see how permissions and roles work in SB+ because right now that’s the piece I don’t quite understand since it’s not so viewable like Connections Manager made it to be in Scoutbook!
