Manage admin roles and permissions in the Admin Panel.
Overview
Roles define what an admin can view and modify in the Admin Panel.
Use roles to give teams the access they need, and nothing else.
When your tenant is created, you get a Super Admin role with full access.
Create additional roles for Support, Marketing, Operations, partners, and more.
Create the role first.
Then assign it to admins.
With restricted roles, some pages can return 403 when access is missing.
View permissions let admins read data only.
Modify permissions let admins create, edit, and delete data.
Anything not granted is hidden or disabled (grayed out).
🛠️ Step-by-Step Setup
Follow these steps to create a role and grant access.
1
Navigate to Roles
Go to Settings → Roles.
Click + ADD ROLE.
2
Fill in basic details
Role name
Default (optional) for LDAP-created admins
3
Add permissions
Click + ADD PERMISSION.
Pick Access: View or Modify.
Pick a Resource.
Always grant View - Stores for new roles.
Without it, assigned admins can’t use the Admin Panel.
4
(Optional) Restrict tenants
Use Add tenant to scope the role to specific tenants.
Only Super Admin can manage tenant assignment.
5
Save and assign the role
Save the role.
Assign it in Settings → Admins.
✏️ Manage roles
1
Open the role menu
In the Roles table, open the ⋮ menu.
2
Edit
Use Edit to change permissions and tenants.
3
Duplicate
Use Duplicate to copy a role and adjust it.
4
Delete
Use Delete to remove a role.
This can’t be undone.
If admins use the role, reassign them first.
✅ Best practices
Start with View. Add Modify only when needed.
Create roles per team. Keep them small.
Test access with a restricted admin before rollout.
