Guides

Configuring user roles

Before inviting users, administrators should define roles that reflect their organization's structure and security requirements.

  • A role is a predefined set of permissions that controls what a user can see and do in the Atlar dashboard.
  • Assigning the correct roles helps maintain security, efficiency, and compliance across your organization.

Roles are required when inviting users, as each user must be assigned one when creating the invite.
Users in Atlar may have multiple roles in the same organization, however, only one role is active at a time.
This approach fulfil principle of least privilege, where users have the minimum level of access necessary for their tasks.
Atlar recommend assigning an additional role for day-to-day use to users with the owner role. By doing this, use of the owner role can be limited to only when necessary. Avoiding mistakes related to administration and configuration.

Permission levels

Permissions range from basic access — such as viewing data — to advanced access, like managing settings or viewing sensitive financial information. Only assign higher-level roles to users who genuinely need them.

For users invited to join your production organization, follow the principle of least privilege — a user should only have access to the information and resources necessary for their role.

Assigning roles

When inviting a user to the platform, you assign them a role based on their responsibilities. This ensures they only have access to the data and features they need.

How to configure roles and permissions

We recommend reading this best practice section before creating new roles.

  1. Navigate to User management > Roles in the Atlar dashboard.
  2. Click Create New in the top-right corner.
  3. Define role permissions:
    • You can choose between Simple Setup and Advanced Setup. For more on the permission structure, see Key concepts.
    • Follow the principle of least privilege — only assign the minimum permissions required.
    • If Select Accounts is shown in the bottom-right corner, continue to step 4.
    • If See Role Summary is shown instead, skip to step 5.
  4. Select accounts:
    • To give access to all current and future accounts and entities, select All future entities.
    • To restrict access, deselect All future entities and choose specific accounts.
  5. Complete role setup:
    • Review the role configuration.
    • Assign a clear and descriptive name, e.g. “Accounting” or “Approver.”
    • Click Create to finalize the role.

Once created, the role will be available to assign when inviting users.

Updated 3 months ago

What’s Next