User permissions
Last updated: July 16, 2025
User permissions enable you to control what your Dashboard users can access and what actions they can take. If you have multiple entities, you can also specify which entities each user has access to.
There are various pre-defined roles that have a fixed set of permissions. You can also create custom roles with specific permissions to meet your needs. Roles can apply to individual users or groups of users.
This page also provides guidance on how to manage your users.
The Dashboard has the following pre-defined roles that have a fixed set of permissions:
Certain tasks in the Dashboard require a specific permission to carry out. Each permission may be available to one or more pre-defined roles. You can also add certain permissions individually to custom roles.
Permission | Pre-defined roles |
---|---|
Account | |
Manage account structure Cannot be added to a custom role | Account owner |
Manage processing settings (website URLs, payment methods, processing channels, and account structure) Cannot be added to a custom role |
|
Manage team security settings including single sign-on Cannot be added to a custom role |
|
Transfer ownership Cannot be added to a custom role | Account owner |
View account settings (business stakeholders, billing descriptors, processing channels, bank settlements, business contacts and payment methods) |
|
View sensitive business stakeholder details Cannot be added to a custom role |
|
Account activation | |
Manage applications for new entities and sub-entities Cannot be added to a custom role | Account application only |
Account rules | |
Create, edit, or delete rules For configuring account rules, including approval flows | Admin |
View the list of rules For account rules configured on the account | Admin |
Business account | |
View all sub-account balances | Admin |
Compliance | |
Manage compliance requests |
|
View compliance requests |
|
Developers | |
Create new keys |
|
Edit Issuing authorization relay settings |
|
Edit or delete keys | None |
View the list of keys |
|
Disputes | |
Accept disputes and submit evidence |
|
View unanswered and all disputes lists |
|
Fraud management | |
Decline high-risk payments |
|
Funds management | |
Access spending credentials for all cards Beta For all the entity’s Corporate Cards | Admin |
Create new, rename, and change limits for all cards Beta For Corporate Cards, including changing card users and revoking cards | Admin |
View last four digits, transactions, and card name for all cards Beta For all the entity’s Corporate Cards | Admin |
View spending credentials and transactions for cards assigned to them Beta For Corporate Cards assigned to you, including suspending and reactivating cards |
|
Homepage & analytics | |
View homepage, KPIs, and Analytics section |
|
Invoices | |
View and download monthly fees invoices | Admin |
Issuing | |
Create and edit cards and cardholders; Simulate transactions |
|
View all transactions, cards, cardholders, and card products |
|
View card number and CVC2 | Admin |
Network tokens | |
Access to download the reports from Network Tokens Dashboard page |
|
Manage access from the Network Tokens Dashboard page - Enable, Disable, Add, Modify configurations for NT | Admin |
Read access to the Network Tokens Dashboard page |
|
Notifications | |
Create, edit and delete workflow notifications |
|
View secret keys |
|
View the list of workflow notifications |
|
Payments | |
Capture payments |
|
Manage payment documents |
|
Refund payments |
|
View and manage billing descriptors | Admin |
View and search for payments |
|
View, approve or reject pending refund requests triggered by account rules | Admin |
View payment details |
|
Void payments |
|
Payments creation | |
Create payments (Payment Links and manual payments) |
|
View all Payment Links |
|
Personally identifiable information (PII) | |
View customer PII (such as name, card number and email) |
|
Reports | |
View and generate payment reports |
|
Settlements | |
View and search for settlements |
|
View sensitive bank account details for settlements | Admin |
View settlements details and download the transaction breakdown report |
|
Sub-entities | |
Download files associated with sub-entities |
|
Onboard and edit sub-entity details |
|
View list of own sub-entities only |
|
User management | |
Create, edit, and delete custom roles Cannot be added to a custom role |
|
Create, edit, and delete users on the account |
|
View the list of users on the account |
|
Vault | |
Access to download the reports from Vault Dashboard page |
|
Manage access from the Vault Dashboard page - Create, Delete, Edit Instruments | Admin |
Read access to the Vault Dashboard page |
|
You must have the Admin role to create custom roles and assign them to users.
- Sign in to the Dashboard.
- Select the Settings menu in the top navigation bar.
- Under Team settings, select Roles and permissions.
- Under the Popular roles section, select View all roles.
- On the Roles page, under Organization roles, select New role.
- On the Create custom role page, under Settings, enter the Role name and Description.
- Under Permissions, select the relevant permissions for the role.
You must assign at least one permission and can assign as many as needed, except for the following, which aren't available for custom roles:
- User management – Account owner and Admin roles only
- Manage team security settings including single sign-on – Account owner and IAM admin roles only
- Manage processing settings (website URLs, payment methods, processing channels and account structure) – Account owner and Admin roles only
- Save the custom role by selecting Create custom role.
The new role is displayed in the Popular roles section.
To view all custom and pre-defined roles set up and currently active for your organization:
- Sign in to the Dashboard.
- Select the Settings menu in the top navigation bar.
- Under Team settings, select Roles and permissions.
- Select View all roles.
You can edit permissions assigned to a role at any time.
Note
Editing a role affects the permissions for all users assigned to that role.
When a role is no longer needed, you can delete it from the Role details page for that role.
Note
Any user assigned to a role that is deleted is transferred to the Read only role by default.