Company Settings Intermediate 6 min read

Team Roles & Permissions

Control what team members can see and do within your company

Team Roles & Permissions

Not everyone on your team needs access to everything. Hydra's role-based permissions system lets you control exactly what each team member can view and modify.

Understanding Roles

Hydra uses a role-based access control (RBAC) system. Each team member has a role that determines their permissions.

Default Roles

Role Description
Owner Full access, can delete company, transfer ownership
Admin Full access except ownership actions
Manager Manage day-to-day operations, team, and settings
Staff Handle service jobs and customer interactions
Viewer Read-only access to assigned areas

Role comparison chart in settings

Role Permissions Breakdown

Owner

The company owner has unrestricted access:

  • All admin capabilities
  • Transfer company ownership
  • Delete the company
  • Access billing and subscription

Note: There can only be one owner per company.

Admin

Administrators can:

  • Manage all team members and roles
  • Configure company settings
  • Access all service jobs and bookings
  • Manage integrations and API keys
  • View all reports and analytics

Cannot:

  • Transfer ownership
  • Delete the company

Manager

Managers can:

  • Invite and remove staff members
  • Assign roles (except Admin/Owner)
  • Manage service jobs and bookings
  • Configure operational settings
  • View team performance reports

Cannot:

  • Change company-wide settings
  • Access billing information
  • Manage integrations

Staff

Staff members can:

  • View and update assigned service jobs
  • Access customer information (limited)
  • Update their own profile
  • View their schedule

Cannot:

  • Invite team members
  • Access settings
  • View reports
  • See jobs not assigned to them

Viewer

Viewers can:

  • View service jobs (read-only)
  • View bookings (read-only)
  • Access basic company information

Cannot:

  • Make any changes
  • Access sensitive data

Permission matrix showing all roles and their access levels

Assigning Roles

When Inviting

  1. Go to CompanyTeam
  2. Click Invite Member
  3. Enter their email address
  4. Select a Role from the dropdown
  5. Click Send Invitation

Invite modal with role selection dropdown

Changing Existing Roles

  1. Go to CompanyTeam
  2. Find the team member
  3. Click the Edit icon
  4. Select a new role
  5. Click Save

Team member edit with role dropdown

Custom Permissions

For more granular control, customize permissions per role:

  1. Go to CompanySettingsRoles & Permissions
  2. Select a role to customize
  3. Toggle individual permissions on/off
  4. Click Save Changes

Custom permission toggles for a role

Available Permissions

Service Jobs

  • View all jobs / View assigned only
  • Create jobs
  • Edit jobs
  • Delete jobs
  • Change job status
  • Assign jobs to others

Bookings

  • View bookings
  • Create bookings
  • Modify bookings
  • Cancel bookings

Team

  • View team members
  • Invite members
  • Remove members
  • Assign roles

Settings

  • View settings
  • Modify general settings
  • Manage integrations
  • Access billing

Reports

  • View reports
  • Export data

Full permission list with checkboxes

Creating Custom Roles

Need a role that doesn't exist? Create your own:

  1. Go to SettingsRoles & Permissions
  2. Click Create Role
  3. Enter a Role Name
  4. Select permissions for this role
  5. Click Create

Create custom role form

Custom Role Ideas

  • Receptionist - Bookings and customer info only
  • Technician Lead - Staff permissions + assign jobs
  • Accountant - Reports and billing only
  • Trainee - View-only for learning

Transferring Ownership

To make someone else the owner:

  1. Go to CompanySettingsGeneral
  2. Scroll to Transfer Ownership
  3. Select the new owner (must be current admin)
  4. Enter your password to confirm
  5. Click Transfer

Transfer ownership section with user selection

Warning: This action is irreversible. The new owner will have full control.

Permission Inheritance

Some permissions cascade:

  • Admin inherits all Manager permissions
  • Manager inherits all Staff permissions
  • Staff inherits all Viewer permissions

Custom roles can break this inheritance with specific toggles.

Best Practices

Principle of Least Privilege

Give team members only the permissions they need:

  • New employees → Start as Viewer or Staff
  • Proven employees → Upgrade to Manager
  • Avoid making everyone an Admin

Regular Audits

  • Review permissions quarterly
  • Remove access for departed employees immediately
  • Check for inactive accounts

Document Your Roles

  • Keep a record of what each custom role does
  • Train team on their permissions
  • Update as responsibilities change

Troubleshooting

"Permission Denied" errors?

  • Check the user's role has required permission
  • Verify they're looking at assigned items only
  • Ask an admin to review their access

Can't change a user's role?

  • Only Admins and Owners can change roles
  • You can't give someone a higher role than your own
  • Owner role requires ownership transfer

Accidentally removed the wrong permission?

  • Changes take effect immediately
  • Re-add the permission the same way you removed it
  • Check with the affected user that they can access what they need