Who can use this feature:
Custom roles for account permissions on monday.com Managers
Custom roles for account permissions on monday.com Available only for Enterprise

We’re excited to announce a game-changing new ability in Account Settings! Meet… Custom Roles!

With custom roles, Enterprise administrators can create unique account-level roles based on job title, department, or any other appropriate definition, and then assign specific permissions to that role. This feature is designed to simplify efficient account management while giving employees sufficient freedom in their own field.

How to find it

The custom roles feature is part of the settings Account permissions. So, to access it, start by clicking on your picture in the top right corner, select “Manage”, and then click on “Permissions”, as shown below.

1.png

Create a new role

Custom roles are created from existing roles (also known as user types) in an account, and you can customize the roles you create and assign them to each user.

To start creating a new role, click the “New Role” button at the top of the screen, as shown below.

Create_new_custom_role.png

Custom roles for account permissions on monday.com

Note: Currently, when you create a new role, you can choose to create it based on any user type, except for the account administrator role.

Then, enter a name for your custom role and select an existing role from which it will inherit permissions. For example, if you select the existing role “Guest”, your custom role will inherit the default permissions of a guest, such as the ability to access only boards that have been shared with them (including guest permissions).

Name_it.gif

When this is complete, click “Create” to submit your new role creation!

Setting its permissions

Now that you’ve created a new role in your account, it’s time to define and target the permissions it includes! To do this, make sure your new role is checked and highlighted in blue under “Account Roles” and then select specific permissions on the right to apply them to that role, or uncheck to remove the capability from the role.

name_the_role.gif

And voila! You now have a new, unique user role on your account that can be assigned to all team members. Read on to learn how to do this. ⬇️

Role assignment

To assign a custom role to team members on your account, start by logging into the User Management area. Once you’ve found the team members you want to assign this role to, click the drop-down arrow under the “User Type” column and select the custom role.

custom_roles_in_user_management_section.gif

Edit or delete a custom role

Looking to rename or remove a custom role you created? This can be easily done by hovering over or selecting the custom role and then clicking the three-dot menu to its right. From the resulting menu, you can click “Rename” to change the role’s name, or “Delete” to remove it completely!

editing_custom_role.gif

Use cases

While there are countless uses for the Custom Roles feature, check out some common use cases that can be very valuable to try!

  • Create a sub-admin role

If you are looking to create an account role that can perform certain administrative tasks (like managing account users, security, or billing) without providing them with full administrative access, then creating a “Sub-Admin” role could be the solution for you!

Here, we will create an “Invoice Manager” role that is based on the “Member” role, and then select the “Invoices section access” permission under “Administrator permissions.” This will allow each invoice manager to fully control the billing of the account, without granting them other administrative capabilities such as managing account security, for example.

billing_admin.gif

Custom roles for account permissions on monday.com
Tip: Check out this article to learn more in-depth about what each of these admin-level permissions mean!

  • Allow only a specific number of team members to create automations

For this first use case, we are looking to allow only a specific number of team members to create automations, and prevent others from doing so.

To do this, we first created a new custom role that is similar to the “Member” role except that it cannot create automations. Then, after filtering the user management page to only show members of our marketing team, we can select this role to prevent certain team members from being able to create automations.

noautomations.png

  • Allow only specific team members to create new workspaces

In this use case, we want to prevent unnecessary workspaces from being created on the account. To do this, we first removed the ability to “create workspaces” from the standard member role, and then created a new custom role called “Member (with Workspaces)” that would allow users to create new workspaces.

Now that this custom role has been created, any user assigned to the regular “Member” role will not be able to create workspaces, while anyone assigned to the “Member (with Workspaces)” role will be able to do so.

member_with_workspaces.gif

  • Allow only specific team members to set up integrations

Last but certainly not least, we are looking for a way to restrict the ability to create certain integrations from specific users in our account. To do this, we created a new custom role that grants the permissions from the member role, and then unchecked the box for “Create integrations.”

This customized role now functions like a full member role with the exception of the ability to create new integrations, and can be easily assigned through the user management area!

member_without_integrations.gif

SCIM for management with customized roles

SCIM (System for Cross-domain Identity Management) is a protocol for managing users across multiple applications. It allows IT or operations teams to easily manage users (create, terminate, and update) across multiple applications simultaneously.

For more information about SCIM configuration options and how to configure SCIM management to support customized roles, please visit the dedicated support article.