Granular Permissions & Roles

Control Access, Protect Data, Empower Teams

Features:7 Built-In RolesRBAC
Permissions & Roles

Seven Built-In Roles

👑

Superadmin

Full system access

  • • See and edit everything
  • • Team settings & billing
  • • User management

Best for: Owners, founders

🏢

Organization Manager

Management access

  • • View all team data
  • • Edit all records
  • • Financial oversight

Best for: Operations managers

📊

Sales Manager

Sales leadership

  • • Manage all deals
  • • View all contacts
  • • Sales reporting

Best for: Sales directors

💼

Sales Representative

Individual sales

  • • Manage own deals
  • • View assigned contacts
  • • Own pipeline

Best for: Sales reps, BDRs

📁

Project Manager

Project leadership

  • • Manage projects
  • • View time tracking
  • • Project reporting

Best for: PMs, delivery leads

👁️

Project Viewer

Client access

  • • View assigned projects
  • • See time reports
  • • Read-only access

Best for: Clients, stakeholders

👤

User

Team member

  • • View own work
  • • Edit own records
  • • Time tracking

Best for: Developers, designers

Granular Permission System

Control specific actions with resource-level permissions

Permission Categories

CRM Permissions

  • • contact.viewAny, create, update, delete
  • • client.viewAny, create, update, delete
  • • deal.viewAny, create, update, delete

Project Permissions

  • • project.viewAny, create, update, delete
  • • task.viewAny, create, update, delete
  • • project-board.viewAny, create

Financial Permissions

  • • invoice.viewAny, create, update
  • • expense.viewAny, create, update
  • • payment.viewAny, process

HR Permissions

  • • hr-vacancy.viewAny, create, update
  • • hr-candidate.viewAny, create
  • • hr-interview.viewAny, create

Own vs. All Access

Control whether users see only their data or all team data

👤 View Own

User sees only their own records:

  • • Own contacts & deals
  • • Own tasks
  • • Own time tracking
  • • Own expenses

Example: Sales reps shouldn't see others' deals

👥 View All

User sees all team records:

  • • All contacts & deals
  • • All tasks
  • • All time tracking
  • • All expenses

Example: Managers need full visibility

Common Use Cases

Multi-Team Agencies

Separate team visibility—development sees projects, sales sees deals

Client Separation

Isolate client data—competitors don't see each other

Financial Protection

Restrict financial access—only managers see all invoices

Sales Territory

Each rep manages own pipeline without seeing others

Client Portal

Clients see only their projects and invoices

Audit Compliance

Track who accessed what for security compliance

Security & Audit Trail

Monitor access and maintain security compliance

🔒

Data Protection

  • • Financial information protected
  • • Client contacts secured
  • • Sales pipelines isolated
  • • Integration credentials safe
📋

Activity Logging

  • • Who accessed what
  • • When access occurred
  • • What actions taken
  • • Failed access attempts logged

Real-World Access Control Examples

Scenario 1: Sales Team

Sales Manager:

  • ✅ Sees all deals across team
  • ✅ Views all contacts
  • ✅ Creates email campaigns
  • ❌ Cannot see project time tracking

Sales Rep:

  • ✅ Sees only own deals
  • ✅ Views own contacts
  • ✅ Creates own outreach
  • ❌ Cannot see other reps' data

Scenario 2: Agency with Clients

Agency Team:

  • ✅ Full access to projects
  • ✅ Client management
  • ✅ Financial control
  • ✅ Full editing rights

Client (Viewer):

  • ✅ See their projects only
  • ✅ View time reports
  • ❌ No editing rights
  • ❌ Cannot see other clients

Secure Your Business Data

Role-based access control, project-specific permissions, and audit trail—enterprise-grade security included

Free 14-day trial →