Roles and permissions explained
How roles bundle permissions and which access level fits each teammate.
A role is a named bundle of permissions you assign to a user, so you control access by job rather than toggling settings person by person.
Built-in roles
| Role | Typical access |
|---|---|
| Admin | Full access, including account settings, users, and billing |
| Standard | Day-to-day operations across inventory, orders, and production |
| Limited / custom | Scoped to the specific modules you allow |
Assign the least access someone needs to do their job. You can always widen it later.
What permissions cover
Permissions gate both whole areas and specific actions. Common examples:
- Viewing vs. editing inventory, purchasing, sales, or production.
- Issuing or approving purchase and sales orders.
- Managing users, roles, and account settings.
- Accessing billing and the subscription.
Only admins can manage users, roles, and billing. If a teammate can’t reach those screens, it’s almost always because their role doesn’t include those permissions.
Choose the right role
- Day-to-day operators → Standard.
- Warehouse or production staff who only need part of the app → Limited / custom.
- Owners, managers, and finance → Admin.
Review roles when someone changes jobs, and remove access promptly when people leave.
Next steps
To assign roles as you add people, see invite users and manage roles.
Related articles
Still need help?
Ask Filo, our built-in AI assistant, for an instant answer — or get in touch with our team and we'll take it from there.