Roles and Access Rights
This area controls who can do what in the system. It is normally managed by an administrator. If you are not an administrator, you can skip this page.
Open it from Settings in the menu.
The idea in plain terms
- An access right is permission to do one thing — for example, "view employees" or "run payroll".
- A role is a named bundle of access rights — for example, a "Payroll Officer" role might include running payroll and printing reports, but not changing company settings.
- Each user is given one or more roles, which decide what they can see and do.
This is why two people can see different menus and buttons: they have different roles.
Role Management
Open Settings → Role Management to:
- See the list of roles.
- Create a new role and choose which access rights it includes.
- Change an existing role.
Access Right Management
Open Settings → Access Right Management to fine-tune the individual permissions and how they map to roles.
Adding people and giving them a role
Roles only decide what a user can do. To add a person to the company and choose which role they get, use the Members and Invitation tabs on the Company Settings page.
A simple way to set this up
- Decide the types of user you have (for example: Administrator, Payroll Officer, HR, Manager).
- Create a role for each type.
- Give each role only the access rights it needs.
- Assign the right role to each user.
Give people only the access they need to do their job. It keeps salary information private and reduces the chance of accidental changes.
Be careful when changing roles for users who are actively working. Removing a needed right can stop someone from doing their job — for example, blocking them from running payroll on pay day.