# Role Based Access Control

Roles are a *set of permissions* granted that are specific to the Team that the user is a member of. There are pre-defined Roles that can be directly assigned to the members of the Team. If one wants to define [<mark style="color:blue;">Custom Roles</mark>](#custom-roles)<mark style="color:blue;">,</mark> that is also doable.

It is critical to thoroughly note that **Roles are Team-specific**, that is, **Roles will allow you specific abilities for just that Team that you are a part of**.

### Default Types of Roles and Abilities <a href="#default-types-of-roles-and-abilities" id="default-types-of-roles-and-abilities"></a>

There are 4 different default Roles that can be assigned to a Team member in Squadcast. See below to understand what they are, along with their abilities.

### 1. Manage Teams <a href="#id-1-manage-teams" id="id-1-manage-teams"></a>

This Role will allow you to manage just this Team. The abilities are:

| Entity | Abilities                |
| ------ | ------------------------ |
| Teams  | `read` `update` `delete` |

### 2. Admin <a href="#id-2-admin" id="id-2-admin"></a>

| Entity              | Abilities                         |
| ------------------- | --------------------------------- |
| Escalation Policies | `create` `read` `update` `delete` |
| Postmortems         | `create` `read` `update` `delete` |
| Runbooks            | `create` `read` `update` `delete` |
| Schedules           | `create` `read` `update` `delete` |
| Services            | `create` `read` `update` `delete` |
| SLOs                | `create` `read` `update` `delete` |
| Squads              | `create` `read` `update` `delete` |
| Status Pages        | `create` `read` `update` `delete` |
| Team analytics      | `read`                            |
| Webforms            | `create` `read` `update` `delete` |

### 3. User <a href="#id-3-user" id="id-3-user"></a>

| Entity              | Abilities       |
| ------------------- | --------------- |
| Escalation Policies | `read` `update` |
| Postmortems         | `read` `update` |
| Runbooks            | `read` `update` |
| Schedules           | `read` `update` |
| Services            | `read` `update` |
| SLOs                | `read` `update` |
| Squads              | `read` `update` |
| Status Pages        | `read` `update` |
| Team analytics      | `read`          |
| Webforms            | `read` `update` |

### 4. Observer <a href="#id-4-observer" id="id-4-observer"></a>

| Entity              | Abilities |
| ------------------- | --------- |
| Escalation Policies | `read`    |
| Postmortems         | `read`    |
| Runbooks            | `read`    |
| Schedules           | `read`    |
| Services            | `read`    |
| SLOs                | `read`    |
| Squads              | `read`    |
| Status Pages        | `read`    |
| Team analytics      | `read`    |
| Webforms            | `read`    |

{% hint style="warning" %}
**Important:** `Stakeholders` can be added with only `Observer`Role within a Team.
{% endhint %}

### Manage Roles and Abilities <a href="#manage-roles-and-abilities" id="manage-roles-and-abilities"></a>

Follow the steps below to manage Roles for a Team:

1. Click on **Settings** in the sidebar

<figure><img src="https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-7e355d66ee0648335cb1a0fe80507c80a2fc6e45%2Fadd_and_delete_users_1%20(1)%20(1)%20(1)%20(1)%20(11)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(31).png?alt=media" alt="How to manage role and abilitis in Squadcast"><figcaption></figcaption></figure>

2\. Click on **Teams** from the secondary navigation menu and select the Team you want to manage *Roles and Access Controls* for

<figure><img src="https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-c9a02fb88e467cb429bf5ef4338ed1da7b7d0057%2Fadd_and_delete_teams_1%20(1)%20(1)%20(3)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(8).png?alt=media" alt="Assign access to teams in squadcast"><figcaption></figcaption></figure>

3\. Click on **Roles** from the horizontal menu and you will have the option to <mark style="color:red;">`edit`</mark> or <mark style="color:red;">`delete`</mark> the Roles and Access Controls via the <mark style="color:red;">`More Option`</mark>

<figure><img src="https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-7ebaa9236bfa29e8dd16275a6964791a18cc0c0a%2Frbac_2.png?alt=media" alt="How to edit the roles in Squadcast"><figcaption></figcaption></figure>

{% hint style="info" %}
**Note:** Roles are Team specific, i.e. roles will allow you specific abilities for just that team that you’re a part of.
{% endhint %}

### Custom Roles <a href="#custom-roles" id="custom-roles"></a>

There might be situations where the predefined *Roles and Abilities* available for members of a Team in Squadcast, by default, are not sufficient or that they do not align with how you want your Team members to be organized (in terms of Access Controls).

In such situations, you can either choose to modify one of the default Roles itself or you can create **Custom Roles** to provide special, customised permissions to specific types of users in your Organization for that Team.

It is critical to thoroughly note that only members of the Team with **Manage Team** Role permissions can create and manage **Custom Roles**.

### Creating a Custom Role <a href="#creating-a-custom-role" id="creating-a-custom-role"></a>

Follow the steps below to create a Custom Role for a Team:

1. Click on **Settings** in the sidebar

<figure><img src="https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-7e355d66ee0648335cb1a0fe80507c80a2fc6e45%2Fadd_and_delete_users_1%20(1)%20(1)%20(1)%20(1)%20(11)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(34).png?alt=media" alt="how to create custom rules in Squadcast"><figcaption></figcaption></figure>

2\. Click on **Teams** from the secondary navigation menu and select the Team for which you want to add the **Custom Role**

<figure><img src="https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-c9a02fb88e467cb429bf5ef4338ed1da7b7d0057%2Fadd_and_delete_teams_1%20(1)%20(1)%20(3)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(6).png?alt=media" alt="how to assign custom role to team in Squadcast"><figcaption></figcaption></figure>

3\. Click on **Roles** from the horizontal menu and scroll down to the bottom of the page

<figure><img src="https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-9b363fbadc7a168f6b2d0db4b7eb66febe1e4b61%2Frbac_3.png?alt=media" alt="Add new team role in Squadcast"><figcaption></figcaption></figure>

4\. Click on **Add new team role**. Here:

* Give the Custom Role a **Name** indicating the Role type
* Next, for the available Entities (Escalation Policies, Postmortems, Schedules, Services, Squads, Status Pages), select the Access Controls (<mark style="color:red;">`read`</mark>, <mark style="color:red;">`create`</mark>, <mark style="color:red;">`update`</mark>, <mark style="color:red;">`delete`</mark>)

5\. Click on **Save** to create the new Custom Role for the Team

<figure><img src="https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-501d5df4fb6634c3207ddeed754dabfd09f21957%2Frbac_4.png?alt=media" alt="Assign custom role to team in Squadcast"><figcaption></figcaption></figure>