Custom roles

Introduction 

Custom roles are administrator-defined permissions to access a team.

💡Note

All custom roles start from the basic user roles: viewer, builder, manager. A user can have multiple roles in a tenant, but only one role per team.

🪄Tip

You can turn on and off individual features for that user role.


Creating a custom role 

Administrators own creating custom roles.

  1. Navigate to Roles within the admin dropdown

  2. Choose the New Role button on the bottom right corner of the modal

  3. Name the role

  4. Give a description, this appears below the role for other users

  5. Customize the feature level permissions (see the feature table below)

  6. Click Create in the bottom left of the modal

💡Note

Updating custom roles 

Administrators can make updates to custom role permissions.

To do this, they:

  1. Navigate to Roles within the admin dropdown

  2. Click the role you want to edit

  3. Change the permissions

  4. Click Update

As a reminder, you cannot change the role name, only the permissions.

Feature permission list 

These features allow granualar access. They are binary (on or off). The table details what permissions enabling the feature allows. Below is a brief overview of those permissions.

  • View permissions allow a builder to see the information, but not interact with it.

  • Write permissions allow a builder to update the information, but not perform destructive or permissive actions (add members, change permissions, etc.). Create & update permissions also fall under this category.

  • Manage permissions allow the builder to move, change permissions, or perform destructive actions. This should be limited to roles where a builder can perform destructive actions. Delete permissions also fall under this category.

Note: Assigning a less restricted permission for a feature will not allow that role to inherit the more restricted permissions - e.g., assigning a Manage type permission will not grant the role the Edit and View type permissions for that feature, so when adding a Manage permission you will typically want to add the Edit and View permission for that object type as well.

Permission templates 

To help get started, you can choose to start from a team role template. Then customize from there. This auto-enables the team RBAC feature permissions.

All disabled features default to view-only.

Take a look 

▲  Take a look at creating a role
Was this helpful?