You manage Roles and Permissions in the Control Panel (Control Panel → Users → Roles). There you’ll find an application for creating Roles, granting them permissions, and assigning Users to them. Roles can be scoped by portal, Site, or Organization.
Defining a Role’s permissions is a topic deserving its own article. Read here about defining a role’s permissions.
Determine the scope of the Role you must create. Roles can be scoped globally (Regular Roles), to a specific Site (Site Roles), or to an Organization (Organization Roles).
To create a Role:
Click the tab for the proper Role scope, then click the Add () button.
Enter a title and description. The title field is required but the description is optional.
Enter a Key, if desired. This required field provides a key that can be used to refer to the Role programmatically. It’s auto-populated with the title text, but you can override it if desired.
Now the Role is present in the database and ready for further configuration.
Assign users to a Role in the Assignees tab of the Add/Edit Role form. Roles are assigned to Users, Sites, Organizations, or User Groups. Here’s how to assign the User Group Manager Role created in the last section to Users:
In the Assignees tab of the Add/Edit Role form, click the second level tab for Users.
Click the Add button ().
Select the Users you want to add to the Role and click Add.
If assigning a group, note that all Users assigned to that group inherit the Role as well.
That’s a good start, but your Role isn’t worth the database row it occupies without defining permissions for the Role. Read the next article to learn how.