Custom Roles

Estimated reading time: 5 minutes

The five built-in roles cover most use cases, but if you need more granular control, create custom roles with exactly the permissions you want.

Plan Requirement

Custom roles are available on Professional ($199/mo) and Enterprise ($999/mo) plans.

When to Use Custom Roles

Custom roles are useful when built-in roles do not fit your team structure. Common examples:

  • Data Steward - can manage data sources but not create reports
  • Report Consumer - can view reports and export but not create or edit
  • Department Lead - can manage users in their workspace but not organization-wide
  • External Consultant - read-only access to specific dashboards with no goal or workspace access

Creating a Custom Role

1

Go to Settings > Organization > Roles

2

Click Create Role

3

Enter a role name and description

4

Check the individual permissions you want this role to have. Permissions are grouped by category (e.g., User Management, Data Management, Analytics, Reports, Goals, Billing, Security) for easy browsing. You can select or deselect entire categories at once.

5

Click Save

Worked Example: A Data-Steward Role

You want one team member who can manage data sources, run analyses, and view reports — but who shouldn't touch billing or other users' settings. Walk-through:

  1. Create role Data Steward.
  2. Under Data Management: tick view_data_sources, create_data_source, edit_data_source, delete_data_source, refresh_data_source.
  3. Under Analytics: tick run_analysis, view_analysis_history.
  4. Under Reports: tick view_reports, export_report (skip delete_report if you don't want them removing others' work).
  5. Under Dashboards: tick view_dashboard, create_dashboard.
  6. Under User Management: leave everything unticked (no user invites, no role assignments).
  7. Under Billing: leave unticked.
  8. Save. Assign the role to the user from Settings → Users → [name] → Change Role.

The user can now do their data-management job without seeing billing or being able to invite teammates. The full permission reference is at RBAC Details.

Managing Custom Roles

Custom roles appear alongside built-in roles in the role management page. You can edit permissions at any time — changes apply immediately to all users with that role. The role management page also shows a permission matrix so you can compare permissions across all roles at a glance. Role-change audit: on Professional+ tiers, every permission tick or role assignment is recorded in the organization audit log with who changed what and when.

Limitations

  • You cannot modify the five built-in roles (Owner / Admin / Analyst / Member / Viewer) — only create new custom ones alongside them.
  • Custom roles cannot have more permissions than the Owner role (35).
  • Role names must be unique within your organization.
  • Deleting a custom role that's assigned to users prompts you to reassign them first — the system won't orphan users into a no-role state.

Related

Ready to try clariBI?

Start your free 14-day trial. No credit card required.

Start Free Trial View Pricing