On this page
RBAC
RBAC
Role-Based Access Control for your organization.
RBAC restricts what users can do based on their role.
Full system access:
| Permission |
Access |
| All features |
✓ |
| All accounts |
✓ |
| Team management |
✓ |
| Billing |
✓ |
| Settings |
✓ |
Team and workflow management:
| Permission |
Access |
| All accounts |
✓ |
| Team view |
✓ |
| Workflows |
Create/Edit |
| Approvals |
✓ |
| Settings |
Limited |
Account-focused access:
| Permission |
Access |
| Assigned accounts |
Full |
| Other accounts |
View only |
| Actions |
Create/Edit |
| Copilot |
✓ |
| Settings |
No |
Read-only access:
| Permission |
Access |
| Assigned accounts |
View only |
| Dashboard |
View |
| Reports |
View |
| Settings |
No |
| Action |
Admin |
Manager |
CSM |
Viewer |
| View account |
✓ |
✓ |
Assigned |
Assigned |
| Edit account |
✓ |
✓ |
✓ |
✗ |
| Delete account |
✓ |
✗ |
✗ |
✗ |
| Export account |
✓ |
✓ |
✓ |
✗ |
| Action |
Admin |
Manager |
CSM |
Viewer |
| Create action |
✓ |
✓ |
✓ |
✗ |
| Edit action |
✓ |
✓ |
✓ |
✗ |
| Complete action |
✓ |
✓ |
✓ |
✗ |
| Delete action |
✓ |
✓ |
✗ |
✗ |
| Action |
Admin |
Manager |
CSM |
Viewer |
| Create workflow |
✓ |
✓ |
✓ |
✗ |
| Edit workflow |
✓ |
✓ |
✗ |
✗ |
| Delete workflow |
✓ |
✓ |
✗ |
✗ |
| Run workflow |
✓ |
✓ |
✓ |
✗ |
| Action |
Admin |
Manager |
CSM |
Viewer |
| Connect integration |
✓ |
✗ |
✗ |
✗ |
| Disconnect integration |
✓ |
✗ |
✗ |
✗ |
| View integration |
✓ |
✓ |
✓ |
✓ |
Create custom roles with specific permissions.
- Go to Settings → Security → Roles
- Click Create Role
- Name the role
- Select permissions
- Save
| Group |
Permissions |
| Accounts |
View, Edit, Delete, Export |
| Actions |
Create, Edit, Complete, Delete |
| Workflows |
Create, Edit, Delete, Run |
| Reports |
View, Export |
| Settings |
Various sub-permissions |
Restrict access to specific fields.
| Field |
Admin |
Manager |
CSM |
Viewer |
| Basic Info |
✓ |
✓ |
✓ |
✓ |
| MRR |
✓ |
✓ |
✓ |
✓ |
| Health Score |
✓ |
✓ |
✓ |
✓ |
| Custom Fields |
Configurable |
Configurable |
Configurable |
Configurable |
Mark fields as sensitive:
- Go to Settings → Custom Fields
- Click field
- Enable Sensitive
- Restricted roles see masked value
Share accounts with users:
- Open account
- Click Share
- Select users/roles
- Choose permission level
- Save
| Level |
What They Can Do |
| View |
See account |
| Edit |
Modify account |
| Manage |
Full control |
| Practice |
Benefit |
| Principle of least privilege |
Security |
| Regular role audits |
Clean permissions |
| Document custom roles |
Clarity |
| Test before deploying |
Avoid issues |
| Review sharing regularly |
Prevent oversharing |
Last updated on July 14, 2026
Was this page helpful?
Thanks for your feedback!