Creating Roles

This guide walks you through creating custom roles with specific permissions.

Why Create Custom Roles

Create custom roles when:

You need permissions not covered by predefined roles
Different departments need different access levels
You want to implement least-privilege access
Predefined roles are too permissive or restrictive

Creating a Role

Create role drawer with form fields

Navigate to Roles

From the dashboard sidebar, click Roles to view the roles list.

Open Create Form

Click the Create Role button. A drawer slides in from the right.

Enter Role Details

Field	Required	Description
Role Name	Yes	Display name (e.g., "Travel Coordinator")
Description	No	Purpose and intended users
Status	Yes	Active or Inactive

Select Permissions

Use the permission matrix to select capabilities:

Check individual permissions
Use group checkboxes for entire categories
Use "Select All" for full access

At least one permission is required.

Save the Role

Click Create Role to save. The role appears in the list and can be assigned to users.

Permission Matrix

Permission matrix showing categories and checkboxes

The permission matrix organizes 26 permissions into 10 categories for company roles.

Understanding the Matrix

The matrix shows:

Select All checkbox at the top with a count (e.g., "12 of 26 selected")
Category headers with checkboxes that toggle all permissions in that group
Individual permissions within each category

Selection Patterns

Pattern	Visual	Meaning
Empty checkbox	☐	No permissions selected
Checked checkbox	✓	Permission selected
Partial fill	▣	Some permissions in group selected

Efficient Selection

Select entire category:

Check the category header checkbox
All permissions in that category are selected

Select all permissions:

Check "Select All" at the top
All permissions are selected

Deselect category:

Uncheck the category header
All permissions in category are deselected

Role Code

A unique code is auto-generated from the role name:

Name	Generated Code
Travel Coordinator	`TRAVEL_COORDINATOR`
Regional Manager	`REGIONAL_MANAGER`
Executive Assistant	`EXECUTIVE_ASSISTANT`

You cannot use reserved codes: MEMBER, MANAGER, ADMIN. These are reserved for predefined roles.

Common Role Templates

Travel Coordinator

For employees who book travel on behalf of others:

Permissions
Read Travelers, Write Travelers
Read Delegations
Read User Passports, Write User Passports
Read User Booking Requests, Write User Booking Requests

Budget Viewer

For finance team members who need spending visibility:

Permissions
Access Company Dashboard
Read Budgets
Read Booking Requests
Read Users

Approver Only

For managers who only approve requests:

Permissions
Access Company Dashboard
Read Booking Requests
Process Booking Requests

Read-Only Admin

For compliance/audit purposes:

Permissions
Access Company Dashboard
Read Users, Read Company Roles
Read Policies, Read Budgets
Read Booking Requests, Read Travelers
Read Delegations

Validation Rules

Required Fields

Role Name: Required for new roles
Permissions: At least one permission must be selected

Reserved Codes

The following codes cannot be used: MEMBER, MANAGER, ADMIN

Unique Codes

Each role code must be unique within the company. If a conflict exists:

Modify the role name
The code will regenerate

Troubleshooting

"Code already exists"

Another role has the same generated code:

Change the role name slightly
The code will regenerate differently

No permissions selected

At least one permission is required:

Select at least one permission from the matrix
Try again

Reserved code error

You used a name that generates a reserved code (like "Member" or "Admin"):

Choose a different name
Examples: "Team Member", "Company Admin"

Creating Roles

On this page