Access / Role Management¶
Overview¶
Different OroCRM users require different information and tools. A user’s ability to access data and perform actions in the system depends on the following:
Roles assigned to the user:
E.g., sales representatives and system administrators need very different data and require different access to it.
- Actions a user can perform with particular data depend on access levels set for these actions in the user’s role.
- Roles also control access to certain parts of the system.
Therefore, for some users interface may not always look like on the images in this guide.
Users can check which roles are assigned to them on the My User page (see Access You User Page section).
Organizations and units which the user has access to or is owned by:
E.g., users who work in different offices usually must have access to data exclusively within their office.
This information users also can see on the My User page.

An owner of particular data:
When we say that user must have access only to the data of their office, we need to specify which data belongs to which office.
- In its turn, who can be a data owner depends on the ownership type setting for a data. This setting defines whether the data can belong to a particular user or, for example, it is something like a company address book and thus, can belong only to the whole company but not its subunits or users.
Users who create or edit a record can specify a record owner. The range from which they can pick up a record owner depends on the user role(s) and the ownership type of an entity the record of which they create / edit.
Links¶
For how to configure roles, see the Roles Management guide.
For more information on access levels, see the Access Levels guide.
For how to configure which business units and organization the user has access to, see the User Access Settings guide.
For how to define which entity can be an owner of the entity, see the Ownership Type guide.
For examples on access configuration, see the Access Configuration Examples guide.
- Roles Management
- Role on the Interface
- Actions with Roles
- Permissions for an Entity Field (Field Level ACLs)
- User Access Settings
- Ownership Type
- Access Levels
- Access Configuration Examples
- Capabilities List
- Abandoned Cart Campaign Manipulations
- Data Audit
- Dotmailer Statistic
- Export Entities
- General Import/Action Operations
- Import Entities
- Jobs Management
- MailChimp Manipulations
- Manage Configurable Entities
- Manage Organization Calendar Events
- Manage System Calendar Events
- Manage System Calendars
- Manage Users’ Passwords
- Merge Entities
- Outlook Integration
- Read Address Dictionaries
- Search
- Send Campaign Emails
- Share Grid View
- System Information
- System Configuration
- Tag Assign/Unassign
- Unassign All Tags From Entities
- Unshare Grid View
- View SQL Query of a Report/Segment
- Workflow Manipulations
- Default Configurations Table