# Roles ## Overview Servoy Cloud uses Role-based access control, which refers to the idea of assigning permissions to users based on their role within an application. A role is basically a collection of permissions that you can apply to users from any application within the namespace. Unlike permissions, roles are defined on namespace level. They make it easier to add, remove, and adjust permissions than assigning permissions to users individually. When planning your access control strategy, it's best practice to assign users the fewest number of permissions that allow them to get their work done. ## Manage Role ### Create Role {% hint style="warning" %} Role names should be unique within a namespace {% endhint %} To create a Role for ServoyCloud Applications: 1. Navigate using the menu to `User Management-> Roles` 2. Click on the button `Create Role` to prompt a dialog 3. Define the role details 4. Save and be automatically redirected to Role Details page

Create Role for ServoyCloud Application in Cloud Control Center

{% hint style="success" %} You have successfully created a Role for ServoyCloud Applications and can proceed with adding permissions and users to it. {% endhint %} ### Edit Role To edit Role details/settings: 1. Navigate to Roles using the menu to `User Management -> Roles` 2. Navigate to `Role Details` using the `context menu` of the chosen role ![](/files/r8eOmT1mq91qAystggwF) 3. Click the `Settings` tab 4. Edit details 5. Save {% hint style="success" %} You have successfully edited role details/settings. {% endhint %} ### Delete Role {% hint style="warning" %} Deleting a Role defined for ServoyCloud Applications is permanent. Associated permissions will not be deleted, however users who have this role will lose access to these permissions. {% endhint %} To delete a Role from a ServoyCloud Application: 1. Navigate to using the menu to `User Management -> Roles` 2. Click the `context menu` of the chosen role ![](/files/r8eOmT1mq91qAystggwF) 3. Click Delete Role 4. Confirm intent to delete ServoyCloud Application Role {% hint style="success" %} You have successfully deleted a Role defined for ServoyCloud Applications and it has been automatically removed from all the users it was assigned to. {% endhint %} ## Manage Role Permissions ### Add Permission To add a permission (any type) to a role defined for ServoyCloud Applications: 1. Navigate using the menu to `User Management -> Roles` 2. Navigate to `Role Details` using the `context menu` of the chosen role ![](/files/r8eOmT1mq91qAystggwF) 3. Click the `Permissions` tab 4. Add permissions using the button `Add Permissions` 1. If no permissions have been defined, see [Security](/reference/servoy-cloud/cloud-control-center/application-overview/applications/security.md) 5. Select desired permissions from existing applications 6. Add permissions {% hint style="success" %} You have successfully added a permission to a role defined for ServoyCloud Applications. Users who have this role will receive all permissions assigned to that role. {% endhint %}

Add permissions to Role defined for ServoyCloud Applications

### Remove Permission To remove a permission from a role defined for ServoyCloud Applications: 1. Navigate using the menu to `User Management -> Roles` 2. Navigate to `Role Details` using the `context menu` of the chosen role ![](/files/r8eOmT1mq91qAystggwF) 3. Click the `Permissions` tab 4. Click on the remove icon of the chosen permission 5. Confirm intent to remove permission and revoke it from all users with this role {% hint style="success" %} You have successfully removed a permission from a role defined for ServoyCloud Applications and it has been automatically revoked from all users which had this role. {% endhint %}

Remove permission from Role defined for ServoyCloud Applications

## Manage Role Users ### Assign User to Role {% hint style="info" %} If a user has several role assignments, the user permissions are the union of all role permissions. {% endhint %} To assign Roles to Users or add users to Role: 1. Navigate using the menu to `User Management -> Roles` 2. Navigate to `Role Details` using the `context menu` of the chosen role ![](/files/r8eOmT1mq91qAystggwF) 3. Click the `Users` tab 4. Add users using the button `Add Users` 1. If no users have been created, see [Users](/reference/servoy-cloud/cloud-control-center/user-management/security-users.md) 5. Select the users to which the role should be assigned 6. Assign role {% hint style="success" %} You have successfully assigned a user to a role group defined for ServoyCloud Applications. The user will now have all the permissions associated with this role. {% endhint %}

Assign Role to Users defined for ServoyCloud Applications

### Remove User from Role To remove a user from a role group: 1. Navigate using the menu to `User Management -> Roles` 2. Navigate to `Role Details` using the `context menu` of the chosen role ![](/files/r8eOmT1mq91qAystggwF) 3. Click the `Users` tab 4. Click on the remove icon of the chosen user 5. Confirm intent to remove user from role group and revoke all associated permissions {% hint style="success" %} You have successfully removed a user from a role group defined for ServoyCloud Applications and automatically revoked all associated permissions. {% endhint %}

Remove User defined for ServoyCloud Applications from Role group

--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.servoy.com/reference/servoy-cloud/cloud-control-center/user-management/security-roles.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.