Roles & Permissions
Control what each role can do in your organization.
Quick Access
Understanding Roles
Roles define what users can see and do in TeamMap. Each user is assigned one role that determines their permissions.
System Roles
TeamMap includes these built-in roles:
| Role | Access Level | Best For |
|---|---|---|
| Owner | Full access + billing + ownership transfer | Organization owner |
| Admin | Full access to all features and settings | IT admins, operations managers |
| Manager | Create and manage operational entities | Team leads, supervisors |
| Dispatcher | Assign tasks, manage incidents and shifts | Dispatch center staff |
| Member | View and complete assigned work | Field staff, guards, workers |
| Viewer | Read-only access to all data | Auditors, observers |
| Portal User | Limited client portal access | External clients |
Permission Types
Each role has permissions for different actions:
| Permission | Description |
|---|---|
| View | See the entity and its details |
| Create | Create new entities |
| Edit | Modify existing entities |
| Delete | Remove entities |
| Assign | Assign entities to users or groups |
Role Details
Owner
- Everything an Admin can do, plus:
- Manage billing and subscription
- Transfer organization ownership
- Cannot be removed by other admins
There can only be one Owner per organization. Transfer ownership carefully.
Admin
Full access to manage your organization:
| Entity | Permissions |
|---|---|
| Tasks, Incidents, Shifts, Events | View, Create, Edit, Delete, Assign |
| Forms, Locations, Routes | View, Create, Edit, Delete, Assign |
| Users, Groups, Channels | View, Create, Edit, Delete |
| Roles, Settings | View, Create, Edit |
| Clients, Inventory | View, Create, Edit, Delete, Assign |
Manager
Operational management without user administration:
| Entity | Permissions |
|---|---|
| Tasks, Incidents, Shifts, Events | View, Create, Edit, Delete, Assign |
| Forms, Routes, Clients | View, Create, Edit, Delete, Assign |
| Locations, Markers, Shapes | View, Create, Edit, Delete |
| Users, Groups, Channels | View only |
Dispatcher
Real-time coordination focus:
| Entity | Permissions |
|---|---|
| Tasks, Incidents, Shifts | View, Create, Edit, Delete, Assign |
| Events, SOS | View, Create, Edit, Delete |
| All other entities | View only |
Member
Complete assigned work:
| Entity | Permissions |
|---|---|
| All entities | View, Create |
| Assigned items | Edit (their own assignments) |
Viewer
Read-only access:
| Entity | Permissions |
|---|---|
| All entities | View only |
Portal User
External client access (scoped to their client):
| Entity | Permissions |
|---|---|
| Routes, Incidents | View (their client only) |
| Incidents | View, Create (their client only) |
Custom Roles
Create custom roles for specific needs:
Creating a Custom Role
- Go to Settings → Roles
- Click + New Role
- Enter role name and description
- Configure permissions for each entity:
- Toggle View, Create, Edit, Delete, Assign
- Set management level (who this role can manage)
- Click Save
Editing Roles
- Go to Settings → Roles
- Click the role to edit
- Modify permissions as needed
- Changes apply immediately to all users with that role
System roles (Owner, Admin, etc.) cannot be edited, but you can create custom roles based on them.
Assigning Roles
To a Single User
- Go to Settings → Team
- Find the user
- Click Edit or the role dropdown
- Select the new role
- Save changes
During Invite
When inviting new users:
- Click Invite Member
- Enter email address
- Select role from dropdown
- Send invitation
Bulk Role Assignment
- Go to Settings → Team
- Select multiple users (checkboxes)
- Click Bulk Actions → Change Role
- Select the new role
- Confirm
Management Levels
Roles have a level that determines who can manage whom:
| Level | Role |
|---|---|
| Highest | Owner |
| High | Admin |
| Medium-High | Manager |
| Medium | Dispatcher |
| Standard | Member |
| Limited | Viewer |
| External | Portal User |
Higher level roles can:
- Manage users below them
- Override some restrictions
- Approve actions that need authorization
How Permissions Work Together
Some permissions need others to work:
- To Edit something, you need to be able to View it first
- To Delete something, you need to be able to View it first
- To Assign something, you need both View and Edit
The system handles this automatically - if you turn on Delete, View turns on too.
Scoped Permissions
Some roles have scoped permissions:
Portal User Scoping
Portal users only see data associated with their client:
- Routes assigned to their client
- Incidents at their client locations
- Submissions for their client
Group-Based Scoping
Configure roles to see only their group’s data:
- Enable Group Scoping on the role
- User only sees entities assigned to their groups
- Useful for multi-site organizations
Common Questions
How do I give someone admin access?
Assign them the Admin role: Settings → Team → User → Change Role → Admin
Can I create a role with only specific features?
Yes! Create a custom role and enable only the permissions you need.
What happens if I delete a role?
Users with that role are automatically reassigned to the Member role. You’ll see a confirmation before deletion.
Can users have multiple roles?
No, each user has one role. Create a custom role if you need a combination of permissions.
How do I know what role someone has?
View their profile or check the Team list - roles are displayed next to each user.
Can I prevent someone from deleting data?
Yes, create or use a role without Delete permissions. They can view and edit but not remove data.