Understanding Roles
Overview
Roles define a set of permissions and responsibilities assigned to users or groups within an organization. By grouping permissions into roles, you simplify access management, improve security, and streamline onboarding.
Common Role Types
| Role | Description | Typical Permissions |
|---|---|---|
| Administrator | Full access to all system features. | Manage users, configure settings, view/review logs. |
| Editor | Can create and modify content. | Create, edit, publish, delete content. |
| Viewer | Read‑only access. | View content and reports. |
| Guest | Limited access for external stakeholders. | Access specific shared resources. |
Managing Roles
Roles can be managed through the Roles Management interface. Key actions include:
- Creating new roles
- Assigning permissions
- Mapping users to roles
- Auditing role changes
Best Practices
- Adopt the principle of least privilege.
- Use role hierarchies to reduce duplication.
- Review role assignments quarterly.
- Document the purpose and scope of each role.
Frequently Asked Questions
How do I create a new role?
▼
Navigate to Roles Management, click “Add Role”, fill in the details, assign permissions, and save.
Can a user have multiple roles?
▼
Yes. Assigning multiple roles aggregates all permissions from each role.
What happens when I delete a role?
▼
Deleting a role removes it from all users. Permissions granted solely by that role are revoked. Consider reassigning users before deletion.
How can I audit role changes?
▼
Use the Audit Log to filter events by “Role Updated” or “Role Assigned”.