Roles and Permissions Management
Control what your team members can access and do within your Raion Hub workspace by creating custom roles with specific permissions tailored to their responsibilities.
Overview
Design a secure, efficient workspace by defining roles that match your team’s structure and responsibilities. Control access to features, data, and administrative functions to maintain security while enabling productivity.
Role-Based Security Benefits:
- Precise Access Control: Grant exactly the permissions each role needs
- Data Security: Protect sensitive information from unauthorized access
- Workflow Efficiency: Streamline operations with role-appropriate features
- Scalable Management: Easily manage permissions as your team grows
- Compliance Ready: Meet security requirements with granular controls
Understanding Roles
Roles define what features and actions team members can access. You must create roles first before assigning them to team members during invitation.
Roles management interface showing existing roles and creation options.
Default Roles
Built-in Role Types:
| Role | Access Level | Best For | Key Features |
|---|---|---|---|
| Admin | Full access to all features | Managers, business owners | Complete workspace control |
| User | Standard access with limited admin features | Sales reps, team members | Daily operations focus |
Creating Custom Roles
Role Creation Process
Access Role Management
Go to Manage Roles in your sidebar and click “Add Role”
Define Role Details
Enter descriptive role name and purpose description
Configure Permissions
Use the permission matrix to set specific access levels
Save and Deploy
Save the role for use in team member invitations
Role Configuration
Role Information
Role Setup Requirements:
Role Name (Required):
- Use descriptive, clear names that indicate function
- Consider job titles and responsibilities
- Keep names consistent with organizational structure
Naming Examples:
| Role Name | Purpose | Team Function |
|---|---|---|
| Sales Manager | Team oversight with lead access | Sales team leadership |
| Lead Viewer | Read-only analysis access | Reporting and analytics |
| Campaign Manager | Marketing and integration focus | Marketing operations |
| Support Agent | Customer service operations | Help desk and support |
Role Description Best Practices:
- Clearly explain the role’s purpose and scope
- Include specific responsibilities and limitations
- Reference which team members typically use this role
- Note any special access or restrictions
Feature Area Permissions
Workspace Management
Workspace Settings
Workspace Configuration:
Workspace Permissions Control:
- ALL: Complete workspace administration including settings modification
- READ: View workspace information and configuration
- UPDATE: Modify workspace settings and preferences
- CREATE/DELETE: Typically not applicable for workspace settings
Who Needs Workspace Access:
- Administrators: Full access for workspace management
- Managers: Read access to understand configuration
- Standard Users: Typically no direct workspace access needed
Common Configurations:
| Role Type | Permission | Reasoning |
|---|---|---|
| Workspace Admin | ALL | Complete control for system administration |
| Department Manager | READ | Awareness of configuration without modification rights |
| Team Member | None | Focus on operational tasks, not administration |
Integration & Communication
Social Integration
Social Media Integration Control:
Social Integration Permissions:
- Setup and manage connections to Facebook, Instagram, Google
- Configure field mapping for lead import
- Monitor integration performance and lead quality
- Troubleshoot connection issues and data flow
Access Level Recommendations:
| Role | Permission | Reasoning |
|---|---|---|
| Marketing Manager | ALL | Complete control over lead generation sources |
| Campaign Specialist | CREATE + UPDATE | Manage campaigns but not remove integrations |
| Sales Rep | READ | Understand lead sources but not modify integrations |
| Analyst | READ | Monitor performance without modification capability |
Security Considerations:
- Integration access affects external platform connections
- Changes can impact lead generation and data flow
- Requires understanding of mapping and data integrity
- Mistakes can affect multiple team members and lead quality
Role Examples & Templates
Common Business Roles
Sales Organization
Sales Team Structure:
Sales Representative:
Lead Table: CREATE + READ + UPDATE
Lead Bank: READ
WhatsApp: CREATE + READ + UPDATE
Social Integration: READ
Members: None
Table Settings: NonePurpose: Manage assigned leads, communicate with customers, update pipeline
Sales Manager:
Lead Table: ALL
Lead Bank: ALL
Lead Distribution: ALL
WhatsApp: ALL
Social Integration: READ + UPDATE
Members: CREATE + READ + UPDATE
Table Settings: READ + UPDATEPurpose: Oversee sales team, manage lead distribution, configure CRM
Sales Director:
All Features: ALL (except Roles and Permissions)
Roles and Permissions: READPurpose: Complete sales operations management with team oversight
Specialized Roles
Technical Roles
Technical and IT Roles:
System Administrator:
Workspace: ALL
Roles and Permissions: ALL
Members: ALL
Table Settings: ALL
Social Integration: ALL
WhatsApp: ALLPurpose: Complete system administration and technical management
Integration Specialist:
Social Integration: ALL
WhatsApp: ALL
Lead Bank: READ + UPDATE
Lead Table: READ
Table Settings: READ + UPDATE
Members: READPurpose: Manage all external integrations and data flow
Data Analyst:
Lead Table: READ
Lead Bank: READ
Social Integration: READ
WhatsApp: READ
Lead Distribution: READ
Members: READ
Export Capability: ALLPurpose: Comprehensive analysis and reporting across all data
Role Management
Managing Existing Roles
In the Manage Roles section, you can perform these actions:
Role Actions
Available Role Actions:
| Action | Icon | Purpose | Considerations |
|---|---|---|---|
| View Details | 👁️ | Review role permissions and usage | Check current assignments before changes |
| Edit Role | ✏️ | Modify permissions and settings | Changes affect all assigned members immediately |
| Delete Role | 🗑️ | Remove unused roles | Cannot delete roles with active assignments |
Action Guidelines:
- View: Regular review of role definitions and current usage
- Edit: Update roles as business needs and responsibilities evolve
- Delete: Clean up unused roles to maintain organized role structure
Change Management:
- Communication: Notify affected team members of role changes
- Documentation: Record reasons for role modifications
- Testing: Verify changes work as expected before full deployment
- Rollback Plan: Maintain ability to revert changes if issues arise
Permission Best Practices
Security & Compliance
Access Control
Access Control Principles:
Principle of Least Privilege:
- Grant Minimum Access: Provide only permissions necessary for job function
- Regular Reviews: Quarterly assessment of role appropriateness
- Just-in-Time Access: Temporary permission elevation when needed
- Role-Based Approach: Use roles rather than individual permission assignments
Access Control Implementation: ✅ Best Practices:
- Start with minimal permissions and add as needed
- Document business justification for all permissions
- Regular audit of role assignments and usage
- Immediate revocation of access for departed employees
❌ Security Risks to Avoid:
- Over-permissioning roles “just in case”
- Sharing accounts or role assignments
- Delayed access revocation for role changes
- Lack of documentation for permission decisions
Role Separation Guidelines:
- Operational vs Administrative: Separate daily work from system administration
- Financial vs Operational: Separate billing access from operational tasks
- Create vs Delete: Consider separating creation and deletion permissions
- Read vs Modify: Provide read-only access when modification isn’t needed
Team Efficiency
Role Optimization
Role Design for Efficiency:
Workflow-Based Role Design:
- Task Alignment: Permissions match daily workflow requirements
- Minimal Friction: Reduce permission-related workflow interruptions
- Clear Boundaries: Well-defined scope prevents confusion
- Growth Planning: Roles accommodate skill development and promotion
Efficiency Indicators: ✅ Signs of Well-Designed Roles:
- Team members can complete tasks without permission requests
- Low frequency of permission-related support tickets
- High user satisfaction with system access
- Clear understanding of role capabilities and limitations
⚠️ Signs of Role Problems:
- Frequent requests for additional permissions
- Team members unable to complete assigned tasks
- Confusion about what actions are allowed
- Workarounds to bypass permission limitations
Optimization Strategies:
- User Feedback: Regular surveys about role effectiveness
- Task Analysis: Review common tasks that require permission changes
- Workflow Mapping: Align permissions with actual business processes
- Performance Metrics: Track efficiency gains from role optimization
Advanced Role Features
Enterprise Scalability
Large Organization Support:
- Hierarchical Roles: Parent-child role relationships for complex organizations
- Geographic Roles: Regional access controls for global operations
- Department Integration: Role alignment with organizational structure
- Bulk Management: Tools for managing large numbers of roles and assignments
Integration with External Systems:
- SSO Integration: Single sign-on with role mapping
- Directory Sync: Automatic role assignment based on organizational directory
- API Access: Programmatic role management for large-scale operations
- Compliance Integration: Connection with compliance and audit systems
Future Enhancements
Planned Features:
- Conditional Permissions: Time-based or context-based access controls
- Dynamic Roles: Automatic role adjustment based on performance or training
- Advanced Analytics: Detailed role usage and effectiveness reporting
- Mobile Role Management: Full role administration from mobile devices
Troubleshooting
Common Issues
Role Creation and Management Issues:
| Issue | Cause | Solution |
|---|---|---|
| Cannot create role | Insufficient permissions | Verify admin access to Roles and Permissions |
| Role not available during invitation | Role not saved properly | Check role creation and save status |
| Changes not taking effect | Browser cache or session issues | Refresh browser, clear cache, re-login |
| Role appears but permissions don’t work | Permission configuration error | Review and verify all permission settings |
Prevention Strategies:
- Admin Training: Ensure role creators understand permission system
- Testing Protocol: Test roles with sample user accounts before deployment
- Documentation: Maintain clear records of role purposes and configurations
- Regular Audits: Periodic verification that roles work as intended
Connection to Member Invitations
Integration with Team Management
Role Assignment Process:
- Create Roles First: Define roles in Roles & Permissions before inviting members
- Role Selection: Choose appropriate role during member invitation process
- Immediate Effect: Assigned permissions take effect upon member acceptance
- Ongoing Management: Modify role assignments through member management interface
Member Invitation Flow:
- Roles created here become available in member invitation dropdown
- Role determines what access the invited member receives
- Cannot delete roles that are currently assigned to active members
- Role changes immediately affect all members assigned to that role
Workflow Integration: Roles created in this section directly integrate with the team member invitation process, providing seamless access control from invitation through ongoing management.
Next Steps
With roles and permissions configured, complete your team collaboration setup:
- Step 3: Inviting Team Members – Add team members to collaborate
- Roles & Permissions – Set permissions and roles