Skip to content
Karolina
Esc
navigateopen⌘Jpreview
On this page

RBAC

RBAC

Role-Based Access Control for your organization.

Overview

RBAC restricts what users can do based on their role.

Default Roles

Admin

Full system access:

Permission Access
All features
All accounts
Team management
Billing
Settings

Manager

Team and workflow management:

Permission Access
All accounts
Team view
Workflows Create/Edit
Approvals
Settings Limited

CSM

Account-focused access:

Permission Access
Assigned accounts Full
Other accounts View only
Actions Create/Edit
Copilot
Settings No

Viewer

Read-only access:

Permission Access
Assigned accounts View only
Dashboard View
Reports View
Settings No

Permission Categories

Account Permissions

Action Admin Manager CSM Viewer
View account Assigned Assigned
Edit account
Delete account
Export account

Action Permissions

Action Admin Manager CSM Viewer
Create action
Edit action
Complete action
Delete action

Workflow Permissions

Action Admin Manager CSM Viewer
Create workflow
Edit workflow
Delete workflow
Run workflow

Integration Permissions

Action Admin Manager CSM Viewer
Connect integration
Disconnect integration
View integration

Custom Roles (Enterprise)

Create custom roles with specific permissions.

Creating Custom Roles

  1. Go to SettingsSecurityRoles
  2. Click Create Role
  3. Name the role
  4. Select permissions
  5. Save

Permission Groups

Group Permissions
Accounts View, Edit, Delete, Export
Actions Create, Edit, Complete, Delete
Workflows Create, Edit, Delete, Run
Reports View, Export
Settings Various sub-permissions

Field-Level Permissions

Restrict access to specific fields.

Account Fields

Field Admin Manager CSM Viewer
Basic Info
MRR
Health Score
Custom Fields Configurable Configurable Configurable Configurable

Sensitive Fields

Mark fields as sensitive:

  1. Go to SettingsCustom Fields
  2. Click field
  3. Enable Sensitive
  4. Restricted roles see masked value

Sharing and Permissions

Account Sharing

Share accounts with users:

  1. Open account
  2. Click Share
  3. Select users/roles
  4. Choose permission level
  5. Save

Sharing Levels

Level What They Can Do
View See account
Edit Modify account
Manage Full control

Best Practices

Practice Benefit
Principle of least privilege Security
Regular role audits Clean permissions
Document custom roles Clarity
Test before deploying Avoid issues
Review sharing regularly Prevent oversharing

Last updated on July 14, 2026

Was this page helpful?