Skip to main content

Roles

A role is a reusable set of administrator permissions. Roles make permission maintenance safer because the same access model can be assigned to several administrators and reviewed in one place.

info

Use roles as the normal way to grant administrator access. Direct permissions should be reserved for exceptions.

In this section

  • Roles list – review existing roles.
  • Add role – create a new reusable permission set.
  • Role details – manage the role's fields, permissions, members, and effective access.
  • Recommended use – keep role maintenance understandable over time.

Roles List

The Roles page lists existing roles. The table includes Name, Description, and Updated.

The Add action opens the page for creating a new role.

Add Role

The Add role form includes Name, Short description, and Description. The short description is shown in role lists and should explain the role's purpose clearly enough for other administrators.

Role Details

The role detail page is divided into tabs:

  • General information – role Name, Short description, Description, and system details such as Created, Updated, and Created by.
  • Assigned roles – other roles included in this role, with Name, Permission labels, and User scope.
  • Assigned permissions – directly granted permissions, with Object, Action, Domain, and User scope.
  • Members – administrators who have the role, with Name and Implied status.
  • Assignment – rules for automatically assigning the role to administrators based on fields of their learner portal user.
  • Effective permissions – the complete result of assigned roles and assigned permissions, including Effective roles and Effective permissions.

The Effective permissions tab is the best place to check what access the role actually grants after all nested roles and access restrictions are applied.

Create roles around real responsibilities, such as content owner, local administrator, reporting administrator, trainer, or support user. Use permission labels and user scope to limit the role to the correct content, groups, and user data.

Avoid broad roles unless the administrator genuinely needs broad access. When access changes, update the role or role assignment instead of rebuilding each administrator's permissions manually.