User Roles
Define who can manage settings, users, and data through detailed role-based permissions.
Overview
The User Roles page lets administrators control who has access to different parts of ShiftControl. The system uses Role-Based Access Control (RBAC) to assign permissions to users based on their responsibilities — ensuring that only authorized users can manage sensitive settings.
Roles can be tailored to provide varying levels of control, such as:
| Role | Description |
|---|---|
| Full Admin | Complete access to all settings, integrations, and data. |
| Read-only Admin | Can view all configuration and reports, but cannot make changes. |
Use role separation to improve security — not everyone who manages users needs access to billing, API keys, or integrations.
Viewing and Searching Roles
The User Roles list displays all users who currently have administrative access. Each entry includes:
- User — The name and email of the admin.
- Roles — The specific roles assigned to that user.
You can use the search bar to quickly locate users or filter by assigned role.
Adding or Editing an Admin User
To create or update an admin’s assigned roles:
- Click Add Admin User (or the ⋮ menu → Edit) to open the role editor.
- Select the Admin User from your organization’s directory.
- Under Assigned Roles, choose one or more roles from the dropdown.
- Click Save to confirm.
The flow for creating and editing roles is identical — you can modify role assignments at any time.
All changes take effect immediately. Users may need to refresh their browser for access changes to apply.
Removing an Admin User
To revoke administrative access:
- Open the ⋮ menu next to the user’s name.
- Select Remove Admin User.
- Confirm the action — the user will immediately lose admin privileges.
Before removing an admin, make sure another user has the same role if the responsibilities need to be maintained.