Managing Users & Roles
Evrykit uses a role-based access control system. You define roles with a set of permissions, then assign users to those roles. Individual user permissions can be further refined on top of the role.
Creating a Role
1. Go to Administration โ Roles & Permissions and click New Role.
2. Enter a Display Name (e.g. Warehouse Clerk, Accounts Manager).
3. Optionally check Default Role โ new users will be assigned this role automatically.
4. Save and click Set Permissions to open the permission matrix.
The Permission Matrix
The permission matrix shows all available permissions organised by module. For each permission you can:
- Check to grant the permission to the role.
- Grant All (row header) to grant every permission in a feature group.
- Grant All (top bar) to grant every permission in the system.
๐ก Granting a parent permission (e.g. the entire Sales module) automatically grants all its child permissions. You don't need to check them individually.
Inviting a User
1. Go to Administration โ Users and click Invite User.
2. Enter the user's email address and select a Role.
3. The user receives an email invitation with a link to set their password and activate their account.
User-Level Permission Overrides
Sometimes a specific user needs slightly different access than their role provides. Instead of creating a new role, use per-user overrides:
- Default โ Inherits the role's grant state.
- Grant โ Explicitly allowed, even if the role doesn't grant it.
- Deny โ Explicitly blocked, even if the role grants it.
To set overrides, go to Administration โ Users, find the user, click Edit, then Permissions.
Built-in Roles
| Role | Description |
|---|---|
| Owner | Full access to everything including billing. |
| Admin | Full operational access; cannot manage billing. |
| User | Limited access based on assigned role permissions. |
โ ๏ธ The Owner role is assigned to the tenant creator and cannot be deleted or modified.