Manage custom roles
You can quickly authorize accounts using default roles. For more granular control, create custom roles with specific permissions.
Create a custom role and grant it to a target account
When creating a custom role, you can select a role (member or administrator) and its associated permissions. You then grant this role to a target account, which gives the account the necessary permissions to perform operations in Account Center and Expenses and Costs.
Prerequisite: To grant the role to an account immediately, ensure the account already exists.
Log on to the Account Center as an enterprise administrator. Under My Entity, choose Roles and Permissions.
On the Role Settings tab, click Create Custom Role to configure the role's basic information and permissions.

Choose the Permission Scope for the custom role carefully. You cannot modify this setting after creation. To change it, you must delete and re-create the role. The Permission Scope types are as follows:
Administrator role: Accounts with this role have management permissions over other accounts.
Member role: Accounts with this role have only the permissions assigned to it.
Click Confirm Creation. This action creates the custom role.

Click Go To Authorization Page To Grant Permissions, then click Add Granted Account.

Click Confirm Add to view accounts with this role.
NoteClick Remove Grant to revoke the role from an account.
Modify a custom role
You can modify the name, description, and associated permissions of any role on the Role Settings tab, except for default roles. You can then grant the modified role to a target account.
Log on to the Account Center as an enterprise administrator. Under My Entity, choose Roles and Permissions.
On the Role Settings tab, in the Actions column for the target role, click Details.

On the Role Information tab of the target role, click Modify Role to change the role's name and information, add permissions, or remove permissions.
Click Confirm Changes.

Delete a custom role
Before you delete a role, check which accounts are granted it to avoid unintended permission changes. After you delete a role, any account that was granted it will lose the associated permissions.
Log on to the Account Center as an enterprise administrator. Under My Entity, choose Roles and Permissions.
On the Role Settings page, in the Actions column for the target role, click Delete.

Click Confirm Delete.



