Introduction
Custom roles are administrator-defined permissions to access a team.
All custom roles start from the Tines default roles: viewer, builder, manager. A user can have multiple roles in a tenant, but only one role per team.
🪄Tip
You can turn on and off individual features for that user role.
Creating a custom role
Administrators own creating custom roles.
Navigate to
Roles
within the admin dropdownChoose the New Role button on the bottom right corner of the modal
Name the role
Give a description, this appears below the role for other users
Customize the feature level permissions (see the feature table below)
Click
Create
in the bottom left of the modal
💡Note
Updating custom roles
Administrators can make updates to custom role permissions.
To do this, they:
Navigate to
Roles
within the admin dropdownClick the role you want to edit
Change the permissions
Click
Update
As a reminder, you cannot change the role name, only the permissions.
Feature permission list
These features allow granualar access. They are binary (on or off). The table details what permissions enabling the feature allows. Below is a brief overview of those permissions.
View
permissions allow a builder to see the information, but not interact with it.Write
permissions allow a builder to update the information, but not perform destructive or permissive actions (add members, change permissions, etc.).Create
&update
permissions also fall under this category.Manage
permissions allow the builder to move, change permissions, or perform destructive actions. This should be limited to roles where a builder can perform destructive actions.Delete
permissions also fall under this category.
Note: Assigning a less restricted permission for a feature will not allow that role to inherit the more restricted permissions - e.g., assigning a Manage type permission will not grant the role the Edit and View type permissions for that feature, so when adding a Manage permission you will typically want to add the Edit and View permission for that object type as well.
Permission templates
To help get started, you can choose to start from a team role template. Then customize from there. This auto-enables the team RBAC feature permissions.
All disabled features default to view-only.