Users & roles
ActionConnect uses role-based permissions. This guide explains how to manage the people in your organization and control what each of them can do.
Users, agents, and teams
- A user (or agent) is a member of your organization who signs in to the tenant app.
- Teams group users together for assignment, workload balancing, and notifications. A user can belong to more than one team.
Roles and permissions
A role is a named bundle of permissions. Permissions determine what a user can see and do — for example, manage tickets, configure automations, edit settings, or administer users. You assign one or more roles to each user, and their effective permissions are the union of those roles.
System roles (such as an admin role) are seeded at provisioning. You can create additional roles tailored to your team — for instance a Support Agent role that can work tickets but not change organization settings.
Inviting and managing users
- Invite a user by email; they receive an invitation to join.
- Assign roles to grant the right permissions.
- Add them to teams for assignment and workload.
- Deactivate users who leave so they can no longer sign in, without deleting their history.
Designing a role model
- Follow least privilege: grant only the permissions a role truly needs.
- Separate agents (work tickets and items) from admins (configure the organization).
- Use teams for who gets work, and roles for what they can do — they are independent levers.
How this differs from the platform admin console
The roles you manage here govern your organization's users inside your tenant app. They are entirely separate from the platform admin console, which is ActionConnect staff tooling with its own strong-auth role gate and never mixes with your tenant's permissions. See Platform admin console.
Tips
- Define a small number of clear roles rather than many overlapping ones.
- Review role assignments periodically, especially after reorganizations.
- Combine roles with Automations to route work to the right teams automatically.