This article outlines the permissions that can be added to a role. There are three main access levels for each permission:
Manager: Can create, update, and delete items
Developer: Can deploy environments
Read Only: Has view-only access
Create
Apps: Gives access to applications for your instance
App Customization: Allows users to customize app settings and design
App Users: Allows users to manage or view app users and SAML configurations
Forms: Gives access to Forms for your instance. This permission requires at least Read Only Integrations permissions to set up some submission events, and at least Read Only API Hosting permissions to set up the "Webhook: Hosted API" submission event.
Submission Data: Gives access to Submission Data for forms
Data Manager, Approvers, Volunteers: Gives access to the Data Manager, Approvals, and Volunteer configurations
Scheduled Tasks: Gives access to create and manage tasks, actions, and groups.
Advanced
Environments: Gives access to the Environments for your instance
Lists: Allows users to manage Lists
Lookups: Allows users to manage or view Lookups
Email Templates: Gives access to Email Templates
Scheduling, Integrations & Development Keys: Gives access to the scheduling, integrations, and developer keys functions of your instance
Developer
API Hosting: Allows users to manage or view Hosted APIs and deploy environments
Web/CDN Hosting: Allows users to manage or view Web/CDN Hosting and deploy environments
Administration
Team Members: Gives access to Team Members for the instance
Roles: Allows users to manage or view Roles
Note: We recommend only giving Manager access for this permission to the Owner role.
Auditing: Allows users to view Audit records
Retention Policies: Allows users to manage or view data retention policies, data manager form selection
Note: We recommend only giving Manager access for this permission to the Owner role.
Billing: Gives access to available billing solutions