User Roles and Permissions are applied to User or Team access to via the Accounts instance settings drawer. Role permissions range from limiting the types of resources a user can access to whether they can save, create, delete or publish.
All users are managed by Owner and Admin user roles. Access and roles are specific to an individual user's role on a single instance. If they are a member of a team then their access will be limited to the team's role as its assigned on an instance.
Full access to all sections: Content, Media, Web IDE, Leads, Analytics, Schema, Health, Audit Trail, and Settings. In Accounts they have full access as well which includes the ability to: launch instances, add domains, invite new users and set their roles, add a team, create tokens, and reset the blueprint.
Admins have the same privileges as the Owner role except for deleting other users.
Access to: Content, Media, Web IDE, Leads, Analytics, Schema, Health, and Settings sections.
Access to: Content, Media, Leads, Analytics, and Health sections.
Access to Content, Media, Leads, and Analytics sections.
Access to Content and Media sections.
Contributors can create and edit but they cannot publish content. To publish new content, contributors must submit a workflow request to a user with publishing access.
Contributors can access media and add files, but they cannot delete files.