Roles and permissions
Control what team members and API keys can access with granular, role-based permissions.
Roles define what a user or API key can see and do in Augno. Each role is a named set of permissions that controls create, read, update, and delete access across every area of the system. Only admins can manage roles from the Roles tab in account settings.
Why roles matter
- Security: restrict access to sensitive areas like billing, API keys, and team management
- Simplicity: assign one role per user instead of configuring individual permissions
- Consistency: the same role system applies to both team members and API keys
Default roles
Augno includes built-in roles that cannot be edited or deleted:
- Admin: full access to all features, settings, and management capabilities
- Viewer: read-only access across the system
These defaults cover common use cases. For more specific needs, create custom roles.
Custom roles
Create a custom role when the default roles don't match your needs:
- Navigate to the Roles tab in account settings
- Click Create
- Enter a role name (e.g., "Sales Manager", "Warehouse Staff")
- Configure CRUD permissions for each domain
Permission domains
Permissions are organized by domain. Each domain supports up to four operations: create, read, update, and delete. Some domains may only support a subset of these operations.
| Domain category | Example domains |
|---|---|
| Core records | Accounts, users, teams, customers, contacts |
| Products | Items, categories, units, unit groups, BOMs, production steps |
| Sales | Sales orders, customer pricing, discount codes, volume discounts |
| Production | Production runs, batches, batch operations, scanning stations |
| Inventory | Inventory, storage locations, lots, change logs |
| Purchasing | Suppliers, purchase orders, deliveries |
| Shipping | Shipments, packages, picking, packing |
| Financial | Invoices, payments, settlements, accounts receivable |
| Settings | Roles, integrations, API keys, account settings |
Route access preview
When editing a role, Augno shows a live preview of which dashboard pages the role grants access to. This helps you verify that a role provides the right level of access before assigning it.
Where roles are used
Roles apply in two places:
- Team members: assigned when inviting or editing a user
- API keys: assigned when creating an API key, controlling which API endpoints the key can call
Next: Integrations