Roles

Updated On 29 Jun 2022
3 Minutes To Read

Print
Share
Dark
Light
PDF

Article Summary

Share feedback

Thanks for sharing your feedback!

A role is a way to to group permissions and to control other forms of access within Mambu.

A user in Mambu may be assigned permissions either directly or through a role. They cannot however be assigned both. For more information, see Understanding Users, Roles, and Permissions.

Please Note

This element can also be configured using Configuration as Code (CasC). For more information, see Configuration as Code.

Please be aware

We recommend assinging permissions to users through roles because it allows for more control over access in Mambu. For more information, see Access managed by role.

Warning!

In this article we are discussing user roles. These should not be confused with group role names that can be assigned to members of a group. They should also not be confused with client roles which is an alternative naming for client types, for more information, see Clients and Groups Overview.

Permissions for managing roles

The following permissions are required for you to be able to perform the relevant management actions on roles:

View Roles (VIEW_ROLE)
Create Roles (CREATE_ROLE)
Edit Roles (EDIT_ROLE)
Delete Roles (DELETE_ROLE)

You must have at least one of the above permissions to be able to see the Roles tab under Administration > Access.

Please be Aware

For security reasons, we recommend tightly controlling which users have role and user management permissions. For more information, see Limiting role and user management permission assignment.

Creating a role

To create a new role:

On the main menu, go to Administration > Access.
Select the Roles tab.
Select Add Role.
In the Create Role dialog, enter all the necessary information. For more information on the fields, see Fields for user roles below.
Select Save Changes.

Create Role view from where the name of the role, rights and permissions are set.

Fields for user roles

Name	Description	Required
Role Name	The name for the role. It must be unique and have a maximum length of 255 characters.	✔
ID	The ID for the role. Only alphanumeric characters, dashes, and underscores are allowed. If no ID is provided, then the system will automatically generate one.	✘
Type	An optional type for the user role. The options are administrator, teller, and credit officer.	✘
Access Rights	The platform access rights for the user role. The options are Mambu and API. Selecting API reveals additional API-only permissions.	✘
Permissions	The list of permissions that can be assigned to the user role.	✘
Notes	Additional notes that can be attached to the user role.	✘

Please be Aware

If you are creating a user for the Mambu UI, do not forget to select the Mambu checkbox under Access Rights. Otherwise your user will not be able to sign in to Mambu.

Editing a role

You can edit a role to update the name or permissions associated with that role.

To edit a role:

On the main menu, go to Administration > Access > Roles.
Locate the role you want to modify and select Actions > Edit.
Update the information as needed.
Select Save Changes.
Confirm.

Please Note

Whenever a role is updated, any users assigned to it will have their permissions updated as well.

Deleting a role

You might want to delete roles if you created a role that is no longer applicable. However, there are some types of roles that you can’t delete:

You can’t delete the preconfigured built-in roles Admin and Mambu Support.
You can’t delete roles that are currently assigned to one or more users. You must first remove the role from the relevant users.

To delete a role:

On the main menu, go to Administration > Access > Roles.
Locate the role you want to delete and select Actions > Delete.
Select Confirm.

Was this article helpful?

What's Next

Permissions

On this page

Permissions for managing roles
Creating a role
Fields for user roles
Editing a role
Deleting a role