Super Admins can create custom roles for internal users and control which permissions each role includes. Super Admins can also customize permissions for individual users when one person needs access that is different from their assigned role.
Who can manage roles and permissions?
Only Super Admins have the ability to create custom roles and manage permissions. Any custom roles you create apply organization-wide — they can't be scoped to specific locations or business units. You can create as many custom roles as you need, with no limit. You can see who last updated and when that last update was made on the Roles tab.
How do I create a custom role?
To create a custom role:
- Go to Admin.
- Click Users.
- Open the Roles tab.
- Click Create Custom Role in the top-right corner.
- Enter a role name. The name you choose must be unique.
- Add an optional description. The description appears in the role list and helps your team understand the purpose of the role.
- Choose an existing role to copy permissions from. This gives you a starting point that you can update.
- Click Save.
You can also duplicate an existing role by clicking the kebab menu on the right side of the screen and clicking Duplicate Role.
After you save the role, you can turn permissions on or off for that role. As new permissions are added in future releases, they will default to OFF for each custom role. A Super Admin will need to manually enable the new permissions for each role that should have access.
You can view the default roles already available in your portal:
- Super Admin
- Admin
- Associate
- Salesperson
- Marketer
You can open any default role to see which permissions it includes. Default role permissions cannot be edited.
To delete a Custom Role, click the kebab menu on the right side of the role in the list view. Then click Delete Role. If any users are currently assigned to the role, you will be prompted to reassign them before you delete the role. A role cannot be deleted when users are assigned to it.
What permissions can I add to a custom role?
Permissions are grouped by category. After you create a custom role, you can enable or disable any available permissions for that role.
Category |
Permissions |
| Clients |
Edit Account IDs - add and edit account IDs from the client profile Edit salesperson assignments - assign salespeople to clients Invite Clients - send invitations to clients Financial Data Access - view financial data related to the customer account Send Text Messages - send text messages to the user's accessible clients |
| Admin |
Edit Super Admins - assign the super admin role to other users Manage permissions - edit permissions for users and roles |
| Marketing | View Marketing tab - view the Marketing tab in the navigation menu |
| Financing |
View CFA payments page - view and process CFA payments View Balances dashboard - view financing program balance dashboards Pay with John Deere Financial - submit payments using JDF funds View JDF Payments Page - view JDF payments |
| Suppliers |
View Crop Protection - access the orders, invoices, and purchase history Propane - Basic Access - view contracts, manifests, invoices, pricing, and reports. Propane - Full Access - basic access plus contract editing, manifest management, programs, and propane supply planning and nominations. Refined Fuels - Basic Access - view contracts, manifests, allocations, invoices, pricing, and reports Refined Fuels - Full Access - basic access plus contract editing, manifest management, and program sales reconciliation Refined Fuels - View Credit - view the Credit tile |
| Business Intel | Create reports and goals - create and edit BI reports and goals |
| Grain |
View Grain tab - view the Grain tab in the navigation menu and dashboard Upload Elevator Hours - access uploader for elevator hours from Grain |
| Energy | View Energy tab - view the Energy tab in the navigation menu and dashboard |
More permissions may be added in future releases. If there is a permission your team would find useful, contact the Partner Experience Team.
How do I assign a custom role to users?
Once a role is created, you can assign it to one user or multiple users. Users can only have one assigned role at a time. Continue reading to learn how to customize permissions for individual users.
Assign a role to multiple users
- Go to Admin.
- Click Users.
- Use the checkboxes to select one or more users.
- Click Edit Role.
- Choose the new role from the New Role dropdown.
- Click Save Role.
If any selected user already has customized individual permissions, the platform will notify you. Assigning a new role does not remove previously granted individual permissions.
Assign a role to one user
You can also assign a role when:
- editing an existing user
- creating a new user
The custom role will appear as an option in the Role dropdown in the user record.
How do I see which users have a role?
There are two ways to see role assignments.
From the Users page
Go to Admin > Users and use the All Roles dropdown to filter the user list. This helps you:
- See which users are assigned to each role
- Identify which users have customized individual permissions outside of their role for auditing
From the Roles page
- Go to Admin > Users > Roles.
- Open a role.
- Click See Assigned Users in the top-right corner.
This opens a filtered list of users assigned to that role.
How do I edit a custom role?
To edit a custom role:
- Go to Admin > Users > Roles.
- Use the kebab menu to open the options for the custom role you want to update.
- Click Edit Name & Description to update the role name or description.
- Click Edit Permissions to change the permissions included in the role.
Changes made to a custom role apply to all users who are currently assigned to that role.
Only custom roles can be edited.
How do I customize permissions for one user?
You can customize permissions for an individual user without creating a separate role. This is helpful when most users should share the same role, but one or two people need extra access.
For example, you may want to:
- allow a Salesperson to create Business Intel reports or goals
- allow an Associate to assign salespeople to clients
To customize permissions for one user:
- Go to Admin.
- Click Users.
- Search for and open the user you want to edit.
- Click the arrow next to User Information.
- Click Customize Permissions below the Role field.
- Turn individual permissions on or off.
- Click Save.
You can reset a user's custom permissions back to the default for their role by following this same path. When you get to the Customize Permissions screen, just click Reset to Default in the yellow bar.
How do roles and individual permissions work together?
A user can have both:
- an assigned role
- customized individual permissions
The assigned role controls that user’s standard access. Individual permission changes let you add or remove access for that specific user without changing the role for anyone else.
If you assign a new role to a user who already has customized permissions, those individual permission changes remain in place.
How does Grain and Energy access work?
Grain and Energy access can now be controlled through permissions.
Previously, access to the Grain and Energy tabs and dashboards was controlled by the user’s Business Unit assignments. With this update, you can give a user access to these pages without assigning that user to a Grain or Energy Business Unit.
This is useful when someone needs to view Grain contracts or Energy information but should not be grouped into that Business Unit.
Users who already had access to Grain or Energy through previous setup should continue to have access without any changes.
Frequently Asked Questions
How do custom roles interact with location-based access or assigned clients for Salespeople?
Users will still be restricted to the locations and customers they have access to based on their assignments within the custom permissions they are granted.
If a user has an individual permission enabled, but the assigned role disables it later, which setting takes priority?
Individual permission overrides always take precedence over the assigned role for that user. If their role is adjusted, any permission that was customized will remain in place.
Are there recommended best practices for deciding when to use a custom role versus individual permission customization?
If two or more users will have the same custom permissions or you think someone else may need the exact same access in the future, we recommend creating a role. It will be easier to add or remove permissions as more become available this way.
Will users need to log out and back in before permission changes take effect?
No. Permission changes should take effect immediately. They may need to refresh the page they are on to see updates.
Are permission changes reflected differently in the mobile app versus desktop?
No. Permissions are the same in web and mobile.
If you have any questions related to this article or anything else, please reach out to our Partner Experience Team at help@agvend.com or at 512-812-9399.