Create completely customizable roles by selecting individual permissions atomically. Each role is built from granular permissions that you choose specifically, allowing you to craft precise access control that matches your exact business needs and team responsibilities.

What are Roles?

Create completely customizable roles by selecting individual permissions atomically. Each role is built from granular permissions that you choose specifically, allowing you to craft precise access control that matches your exact business needs and team responsibilities.
Permission profile overview dashboard showing custom roles and system roles - light modePermission profile overview dashboard showing custom roles and system roles - dark mode

Permission Profile Overview

Quick Setup

Create your first custom role in under 3 minutes:
1

Access Role Management

Navigate to TeamRoles in your dashboard
2

Create Custom Role

Click Create Permission Profile and configure role details
Create permission profile interface with atomic permission selection - light modeCreate permission profile interface with atomic permission selection - dark mode

Create Permission Profile Interface

3

Define Role Details

Enter role name and description
4

Configure Permissions

Select specific permissions for the role
5

Save and Assign

Create the role and assign it to team members

System Roles vs Custom Roles

Pre-Built System Roles:Devdraft includes only two system-defined roles that you cannot modify:
  • Super Admin: Complete system access and configuration
    • Full administrative privileges
    • Cannot be customized or deleted
    • System-level access control
  • Authorized Representative: Legal compliance role
    • Automatically assigned to the account creator
    • System-reserved for regulatory requirements
    • Cannot be modified or deleted
    • Used for legal and compliance purposes
These system roles cannot be customized, edited, or deleted. They serve specific system and legal functions.

Creating Custom Roles

1

Access Role Management

Navigate to TeamRoles in your dashboard
2

Create Custom Role

Click Create Permission Profile and configure role details
Create permission profile interface with atomic permission selection - light modeCreate permission profile interface with atomic permission selection - dark mode

Create Permission Profile Interface

3

Select Atomic Permissions

Permission Selection:
  • Choose individual permissions from categories
  • Build custom access levels
  • Apply principle of least privilege
  • Test permission combinations
4

Save and Deploy

Save your custom role and assign it to team members.

Managing Existing Roles

Role Overview:
  • All custom and system roles
  • Permission summaries
  • Assignment statistics
  • Usage patterns
Management Actions:
  • Edit role permissions
  • Clone existing roles
  • Delete unused roles
  • Assign roles to users
Modify Existing Roles:
  • Add new permissions to roles
  • Remove unnecessary permissions
  • Update role names and descriptions
  • Adjust permission dependencies
1

Select Role to Edit

Find the role you want to modify from the roles list.
2

Update Permissions

Add or remove permissions based on changing needs.
3

Save Changes

Apply updates to affect all users with this role immediately.
Permission changes affect all users assigned to the role immediately. Ensure changes are intentional and tested.
Create Similar Roles:
  • Copy existing role as starting point
  • Modify permissions for new requirements
  • Maintain consistent naming conventions
  • Save time on similar role creation
Use Cases:
  • Regional variations of the same role
  • Different permission levels for similar positions
  • Temporary project-specific roles
  • Department-specific modifications
Role Removal:
  • Only delete unused roles
  • Reassign users before deletion
  • Cannot delete roles with active assignments
  • Permanent action that cannot be undone
1

Check Role Usage

Verify no users are currently assigned to the role.
2

Reassign Users

Move affected users to appropriate alternative roles.
3

Confirm Deletion

Permanently remove the role from your system.
Role deletion is permanent and cannot be undone. Ensure all users are reassigned before deleting roles.

Permission System Architecture

Organized Permission Structure:
Business Settings
├── View business information
├── Edit business details
├── Manage business verification
└── Configure business settings

Customer Management
├── View customers
├── Create customers
├── Edit customers
└── Delete customers

Financial Operations
├── View transactions
├── Process refunds
├── Handle disputes
└── Access financial reports
Benefits:
  • Logical grouping of related permissions
  • Easy to understand and assign
  • Scalable permission structure
  • Clear hierarchy for dependencies

Atomic Permission Control

Complete Customization: Roles are built permission-by-permission. You start with zero access and add only the specific permissions needed. No permission bundles or packages - just individual atomic permissions you select.
Customer Support Representative:
  • ✅ View customers
  • ✅ Update customer information
  • ✅ View transactions
  • ✅ Process refunds
  • ❌ Delete customers
  • ❌ Create products
  • ❌ Manage API keys
Financial Analyst:
  • ✅ View transactions
  • ✅ Access financial reports
  • ✅ Export transaction data
  • ✅ View customers (for analysis)
  • ❌ Process refunds
  • ❌ Edit customers
  • ❌ Manage products
Inventory Manager:
  • ✅ View products
  • ✅ Manage inventory
  • ✅ Edit product information
  • ❌ Delete products
  • ❌ View transactions
  • ❌ Access customer data
Marketing Content Manager:
  • ✅ View products
  • ✅ Edit product information
  • ✅ View customers (for campaigns)
  • ✅ Export customer data
  • ❌ Manage inventory
  • ❌ Process transactions
  • ❌ Delete anything
Key Principle: Each permission operates independently. You can:
  • Grant “View Customers” without “Edit Customers”
  • Allow “Create Products” without “Delete Products”
  • Enable “View Transactions” without “Process Refunds”
  • Provide “Export Data” without “Delete Records”
  • Mix read permissions across all categories
  • Combine write permissions selectively
No Forced Bundles: Unlike traditional role systems, you’re never forced to grant more access than needed.
Start from Zero: Every new role begins with no permissionsAdd Selectively: Choose only the permissions that match the user’s actual job needsMix Categories: Combine permissions from different areas as neededRefine Over Time: Add or remove individual permissions as roles evolve
The atomic approach means you can create highly specialized roles like “Invoice-Only Finance” or “Product-View Marketing” that precisely match your business workflows.

Role Assignment Strategies

Department-Based Roles

Create roles that match organizational departments and their specific needs

Function-Based Roles

Design roles around specific job functions regardless of department

Level-Based Roles

Establish roles that reflect seniority and responsibility levels

Project-Based Roles

Temporary roles for specific projects or initiatives
Build roles atomically by selecting individual permissions to create precise access control that matches your exact business needs and team responsibilities.