• 29 Jun 2022
  • 3 Minutes To Read
  • Dark
  • PDF


  • Dark
  • PDF

Article Summary

A role is a way to to group permissions and to control other forms of access within Mambu.

A user in Mambu may be assigned permissions either directly or through a role. They cannot however be assigned both. For more information, see Understanding Users, Roles, and Permissions.

Please Note
This element can also be configured using Configuration as Code (CasC). For more information, see Configuration as Code.

Please be aware

We recommend assinging permissions to users through roles because it allows for more control over access in Mambu. For more information, see Access managed by role.


In this article we are discussing user roles. These should not be confused with group role names that can be assigned to members of a group. They should also not be confused with client roles which is an alternative naming for client types, for more information, see Clients and Groups Overview.

Permissions for managing roles

The following permissions are required for you to be able to perform the relevant management actions on roles:

  • View Roles (VIEW_ROLE)
  • Create Roles (CREATE_ROLE)
  • Edit Roles (EDIT_ROLE)
  • Delete Roles (DELETE_ROLE)

You must have at least one of the above permissions to be able to see the Roles tab under Administration > Access.

Please be Aware

For security reasons, we recommend tightly controlling which users have role and user management permissions. For more information, see Limiting role and user management permission assignment.

Creating a role

To create a new role:

  1. On the main menu, go to Administration > Access.
  2. Select the Roles tab.
  3. Select Add Role.
  4. In the Create Role dialog, enter all the necessary information. For more information on the fields, see Fields for user roles below.
  5. Select Save Changes.

Create Role view from where the name of the role, rights and permissions are set.

Fields for user roles

Role NameThe name for the role. It must be unique and have a maximum length of 255 characters.
IDThe ID for the role. Only alphanumeric characters, dashes, and underscores are allowed. If no ID is provided, then the system will automatically generate one.
TypeAn optional type for the user role. The options are administrator, teller, and credit officer.
Access RightsThe platform access rights for the user role. The options are Mambu and API. Selecting API reveals additional API-only permissions.
PermissionsThe list of permissions that can be assigned to the user role.
NotesAdditional notes that can be attached to the user role.
Please be Aware

If you are creating a user for the Mambu UI, do not forget to select the Mambu checkbox under Access Rights. Otherwise your user will not be able to sign in to Mambu.

Editing a role

You can edit a role to update the name or permissions associated with that role.

To edit a role:

  1. On the main menu, go to Administration > Access > Roles.
  2. Locate the role you want to modify and select Actions > Edit.
  3. Update the information as needed.
  4. Select Save Changes.
  5. Confirm.
Please Note

Whenever a role is updated, any users assigned to it will have their permissions updated as well.

Deleting a role

You might want to delete roles if you created a role that is no longer applicable. However, there are some types of roles that you can’t delete:

  • You can’t delete the preconfigured built-in roles Admin and Mambu Support.
  • You can’t delete roles that are currently assigned to one or more users. You must first remove the role from the relevant users.

To delete a role:

  1. On the main menu, go to Administration > Access > Roles.
  2. Locate the role you want to delete and select Actions > Delete.
  3. Select Confirm.

Was this article helpful?

What's Next