Roles & Permissions

Overview

Roles define what actions a staff member can perform within the system. Each role contains a set of permissions that grant access to specific features and functionality. By creating different roles, you can ensure staff members only have access to the areas they need.

Creating a New Role

Step-by-Step Process

1. Navigate to Roles: Go to Organization > Roles & Permissions and click "Create Role"
2. Name the Role: Give the role a descriptive name (e.g., "Sales Manager", "Support Agent")
3. Add Description: Optionally describe the role's purpose
4. Select Permissions: Check the permissions this role should have access to
5. Save the Role: Click "Create Role" to save your new role

Permission Categories

Permissions are organized by module to make it easy to grant access to specific areas:

User Management

• View users
• Create users
• Edit users
• Delete users

Staff Management

• View staff
• Create staff
• Edit staff
• Delete staff
• Resend credentials
• Impersonate staff

Financial Operations

• View deposits
• Process deposits
• View withdrawals
• Process withdrawals
• Manage transfers

Compliance

• View KYC
• Review KYC
• Approve/Reject documents

Support

• View tickets
• Reply to tickets
• Manage categories
• Configure SLA

Settings & Configuration

• View settings
• Edit settings
• Manage integrations

Common Role Examples

Sales Agent

• View users
• Create leads
• Manage pipeline
• Send emails
• View reports

Compliance Officer

• View users
• View KYC
• Review KYC
• Approve/reject documents

Support Agent

• View tickets
• Reply to tickets
• View user details
• Create notes

Finance Manager

• View deposits
• Process deposits
• View withdrawals
• Process withdrawals
• View reports

Administrator

• Full access to all modules
• User and staff management
• Settings configuration

Editing Roles

What Can Be Changed

• Role name
• Description
• Permissions (add/remove)

Important Notes

• Changes take effect immediately
• All staff with this role are affected
• Consider creating a new role instead of modifying existing ones

Assigning Roles to Staff

1. Go to Organization > Staff Members
2. Edit the staff member
3. Select the new role from the dropdown
4. Save changes

Note: Staff may need to re-login for permission changes to take effect.

Best Practices

1. Principle of Least Privilege: Only grant necessary permissions
2. Separate Roles: Create separate roles for different job functions
3. Regular Audits: Review roles to ensure permissions are still appropriate
4. Descriptive Names: Use names that clearly indicate the purpose
5. Document Roles: Keep notes on what each role is for
6. Test New Roles: Create a test account to verify permissions
7. Don't Modify Default Roles: Create custom roles instead

Security Considerations

High-Risk Permissions

• Staff management (can create admin accounts)
• Settings access (can change system behavior)
• User delete (permanent data loss)
• Financial processing (money movement)

Recommendations

• Limit high-risk permissions to senior staff
• Enable 2FA for staff with financial access
• Regularly review who has admin access
• Log all permission changes

Troubleshooting

Staff Missing Access

1. Verify their role has the required permission
2. Check if they need to re-login
3. Ensure the feature is enabled in settings

Too Much Access

1. Review the assigned role's permissions
2. Create a more restrictive role if needed
3. Reassign staff to the new role

Permission Not Taking Effect

1. Ask staff to log out and log back in
2. Clear browser cache
3. Verify the role was saved correctly

Next Steps

• Staff Management -- Assign roles to your team members
• Hierarchy -- See how roles fit into your organizational structure
• Branches -- Understand branch-level access and regulation