Roles and permissions
- Last UpdatedJun 30, 2026
- 3 minute read
The Roles page lists the available roles. By default, two roles are available, Standard User and Super User.
-
Standard User: Able to design and deploy flows.
-
Super User: Includes Standard User abilities, and adds all other abilities. The organization owner is assigned to this role. This role is required when accessing private flows belonging to a user that no longer exists or when assigning labels to flow runtimes.
Procedure:
-
Select the vertical dots menu icon at top right, then select Organization Settings.
-
Select Roles from the menu on the left.
Note: The action menu is only available to users with appropriate permissions. By default, only the Super User role can access this menu.
Manage Roles
Create any number of roles to meet specific requirements. While roles are defined in CONNECT flows, they are assigned to users in CONNECT.
Create a Role
There are two methods to create, either from scratch or, recommended, by copying an existing role and modifying the permissions of the new role.
Note: Any role with Create permission should also have View, Update, and Delete.
Create a brand new role
-
To create a brand new role select the + sign at top right.
-
Enter a role name and description that defines the intended purpose.
-
Select Create.
-
See Assign or edit permissions of a role.
To copy an existing role into a new role
-
From the source role's 3-dot action menu, select Create Copy from Role.
-
Enter a role name and description that defines the intended purpose.
-
Select Create.
-
See next section: Assign or edit permissions of a role.
Assign or edit permissions of a role
The following features can be assigned to a role. The features provide access and permission to a system property for an assigned user.
|
Feature |
Description |
|---|---|
|
Flow runtimes |
Register/unregister flow runtimes, run remote sessions, deploy flows |
|
Flows |
Create and modify flows |
|
Credentials |
Add/delete credentials |
|
Resources |
Add/delete resources |
|
Universal Connectors |
Use wizard to build/modify and publish/unpublish/delete UCs |
|
Labels |
Add/delete labels (they cannot be modified once created) |
|
Modules |
Register/unregister custom modules |
|
Users |
Add/delete users, assign roles |
|
Roles |
Add/change role definitions |
|
Identity Providers |
Add/Change user authentication with external identity providers |
-
When editing a role, select the type of ability (View/Create/Update/Delete) that is allowed for that feature.
-
Once selected, the users assigned to the role will have the ability to update the feature. For example, when selected, a standard user can view, create, update, or delete a flow.
-
Select Save Role to update the role with the selections.
Note: A quick method to populate a blank role is to select Import from Role to either start with a blank role and add the permissions you want, or update an existing role.
Additional permissions and restrictions
In addition to the View/Create/Update/Delete permissions, some features have Additional and Restricted To permissions.
-
Additional permissions provide additional areas of configuration for a feature.
-
Restricted To permissions limit access to specific instances of user created flows, Resources and Credentials by using Categories.
Note: On the Flows, Resources and Credentials pages organize items by creating categories and subcategories and then place these items in these categories.
Once categories have been created, use them to limit access by specifying which categories a given Role should have access to. By default all users can access all categories.
Category restrictions are specified in the Role configuration modal by clicking in the ‘Restricted To’ column on the type of items you want to restrict. Separate restrictions for flows, resources and credentials can be selected.
-
From the role, select Additional or Restricted To Permissions.
-
Check/uncheck the available options.
-
Select Apply.
-
Additional Permission Definitions
Flow runtimes
-
Remote Session: test flows in remote sessions inside the flow studio.
-
flow Management: manage flows on flow runtimes (Deploy/Undeploy/Start/Stop/Sync).
Universal Connector
-
Publish: publish Universal Connectors to be used in flows.
Users and Administration tabs
-
Select the Users tab to see the lists of users currently assigned to the role and their email and last login details.
-
Select the Administration tab to update the name and description of the role.