Custom Roles AvailableIn addition to the standard roles below, you can
create custom roles with granular permissions tailored to your organization’s
needs. Learn more in our Custom Roles and Permissions
guide.
Quick Reference: Available Roles
| Role | Intended for | High-level capabilities | Permissions customizable with Custom Roles? |
|---|---|---|---|
ORG_ADMIN | Client administrators | Manage users and businesses in their organization. | ❌ |
ORG_MANAGER | Client users requiring access to the full scope of the organization. | Manage users and businesses in their organization. | ✅ |
GROUP_MANAGER | Client group managers | Manage users and businesses inside their group. | ✅ |
BUSINESS_MANAGER | Client business managers | Manage businesses inside their group; limited user management. | ✅ |
PUBLISHER | External data consumers | Read-only access to businesses subscribed to Presence Management. | ❌ |
The
ORG_MANAGER, GROUP_MANAGER, and BUSINESS_MANAGER
roles can be overwritten with built-in custom roles that provide different
permissions. Learn how to configure these in our Custom Roles and Permissions
guide.Detailed Permissions by Role
All permissions listed below assume the user is not using a Custom Role that alters these defaults. For more information about custom roles, see Managing User Permissions with Custom Roles.Users with the
ORG_ADMIN or PUBLISHER role cannot be modified with custom roles.ORG_ADMIN users always have full access to their organization, while
PUBLISHER users always have read-only access to locations with an active
Presence Management subscription.- Org Admin
- Org Manager
- Group Manager
- Business Manager
- Publisher
Read Access
| Resource | Scope | Details |
|---|---|---|
| User | Organization | Read users in the same organization. |
| Organization | Organization | Read your own organization object. |
| Group | Organization | Read groups in the same organization. |
| Business | Organization | Read businesses in the same organization. |
Write Access
| Resource | Scope | Allowed actions |
|---|---|---|
| User | Organization | • Create users (inherit provider & org_id) • Update users in the organization • Assign roles ORG_MANAGER, GROUP_MANAGER, or BUSINESS_MANAGER |
| Organization | Organization | • Update the organization itself • Cannot create new organizations |
| Group | Organization | • Create groups (inherit provider & org_id) • Update groups in the organization |
| Business | Organization | • Create businesses (inherit provider & org_id) • Update businesses in the organization |