Creating and editing custom permission levels
Last updated: June 17, 2026
Operandio's four built-in permission levels suit most businesses and cover the access controls they need, including who can view and create items. If they don't fit your needs, for example you want Store Managers to have more or less access than the built-in Location Manager level, custom permission levels let you tailor access to your business. To create one, go to Settings, select Permission levels, open the Custom tab, and click Add custom permission level.
READ BEFORE CHANGING PERMISSIONS
Changing permissions affects what your staff can access and do every day. Incorrect permissions can remove functionality people rely on, lock them out of areas they need, or give them more access than intended. Only make permission changes at a senior level, test them on a single user before rolling out widely, and change existing roles as little as possible. Frequent changes can stop staff completing their work.
How permissions work
There are two concepts to understand before you start.
Permissions are individual rules that control access to one specific action. Each is written as a plain-English toggle, such as "Can view accreditations" or "Can create and assign new actions." There are a large number of these.
Permission levels are named groups of permissions. This is what you assign to a staff member. Instead of setting dozens of individual toggles per person, you assign one p and the whole group of permissions comes with it.
Examples of permission levels are Regional Manager or Employee. The individual permissions behind them are grouped by area, such as Accreditations, Actions, and Activities, so related toggles sit together and are easier to find.
The four built-in permission levels
Operandio includes four built-in levels as standard. These are the core roles every account starts with.
Built-in Level | What it covers |
Full Administrator | Full account permissions. Complete access to all settings, locations, users, and content. Can create and manage permission levels. |
Regional Manager | Manages multiple locations within an assigned region. |
Location Manager | Manages jobs, staff, and content at an assigned location. |
Employee | Standard frontline access. Completes assigned jobs and checklists. |
NOTE
The four built-in levels cannot be modified or deleted. You can view them on the Built-in tab for reference, and you can inherit from them when building custom level
Core permissions
Some permissions are essential for a role to function. If you try to save a custom role without these required permissions enabled, a warning message will appear to let you know that mandatory permissions are missing.
Core permissions provide the basic access every user needs to use the platform, such as logging in and viewing the information assigned to them. Without these permissions, users may be unable to sign in or access any data. If you see this warning, review the missing permissions and enable them before saving the role.
Before you build a custom level: inherit, do not start from scratch
When you create a custom permission level, you can use an existing role as a base and inherit all of its permissions. This is the strongly recommended approach.
Building a role from scratch means manually setting dozens of individual permissions correctly, and missing one can silently break functionality for everyone assigned that role. Inheriting from a built-in level that is close to what you need, then adjusting from there, is far safer and far quicker.
RECOMMENDED (EXAMPLE)
Supervisor role that does everything an Employee can plus a little more, inherit from Employee and switch on only the extra permissions you need. You start from a known-good baseline rather than a blank slate.
Create a custom permission level
Click your profile image in the top-right corner and select Settings.
In the left-hand menu, select Permission levels.
Open the Custom tab and click Add custom permission level.
Fill in the form fields. See the table below.
Under Permissions, use Inherit permissions from other role(s) to select a base role, then toggle individual permissions on or off as needed.
Click Save permission level. Your new role appears in the list on the Custom tab.
NOTE
If you cannot see Permission levels in the left-hand menu, you do not have access to this area. Only Full Administrators can manage permission levels.
Form fields explained
Field | What it does |
Name | The name of the permission level. This appears throughout Operandio, such as in the People section. |
Description | A short description of the role. |
Can create role(s) | The roles this level is allowed to assign when inviting new staff. The relevant user creation permission must also be switched on for this level to create users at all. |
Can mention role(s) | The roles this level can see and assign things to. For example, when assigning an action, these are the roles it can be assigned to. |
Inherit permissions from other role(s) | Select one or more roles to use as a base. Inherited permissions appear with an Inherited badge. You can override them, which shows an Overridden badge. |
Permissions List | Every individual permission available to toggle. Inherited ones are switched on by default; you can override any of them or add others on top. |
Inheriting permissions from other roles
You can inherit from one role or several at once. All permissions from the inherited roles are switched on automatically and shown with an Inherited badge in the permissions list.
You can still override an inherited permission. If you toggle one off, it shows an Overridden badge so you can see at a glance where the custom role differs from the role it inherited from. You can also add extra permissions on top that the inherited role did not have.
For example, you might inherit a base set of permissions from one role, switch off one permission you do not want, then add the ability to create new assets on top. The result is a role tailored to exactly what you need.
Can create and can mention roles
When you set which roles a custom level can create, the general rule is to allow only roles equal to or below it in your staff hierarchy. For example, you may not want Employees to be able to create other Employees, and you almost never want a mid-level role to be able to create administrators.
WARNING
Be careful what you select here. Granting permission to create any available role can give that person full access to Operandio, which is rarely what you intend. Only senior roles should be able to create high-level roles.
Assign a permission level to a user
Custom levels are assigned the same way as built-in ones, in the People area. You can set a role when inviting a new user, or edit an existing user to change their level.
Go to People in the left sidebar.
Open the staff member's profile, or start a new invite.
Set the Permission level to the role you want.
Save. The change takes effect immediately, so confirm the person still has everything they need.