Overview
Role-based access control (RBAC) lets you define exactly what each team member can see and do inside Salesbricks. Instead of granting every user full admin access, you assign each person a role that matches their job function. Salesbricks ships six built-in system roles (read more below) and enforces those permissions automatically across every part of the platform — orders, customers, billing, products, reports, and settings.
Requirements
RBAC must be enabled on your Salesbricks seller org. Settings tabs and buttons that depend on RBAC will be hidden or disabled until the feature is active. To set up roles for your team, your Salesbricks user must have the Admin role, or a role with full access to Team management and Role management permissions, to invite team members and change role assignments.Built-in system roles
Salesbricks provides the following system roles out of the box. System roles cannot be deleted or modified.Add a new team member & assign a role
1
In Salesbricks, go to Settings -> Team.

2
Click “New team member” in the top-right corner of the page.
3
A drawer slides in from the right. Fill in the following fields:
- First name (required)
- Last name (required)
- Email (required) — must be a valid email address
- Use the “Role” dropdown to select one of the available system roles.
- Use the “Job title” dropdown to select a title, or choose “Add a title” to type a custom one.
- Set a “Maximum discount threshold” (0–100%) to cap how large a discount this user can apply to orders.
4
Click “Create” to send the invitation.
Edit a team member’s role

1
In Settings -> Team, find the team member in the table. Click the row to open and edit their profile.
2
Select the new role in the Role dropdown.
3
Update any other fields as needed and click “Save”.
View a role’s permissions
Each system role has a detail page that shows its full permission matrix.
1
In Settings -> Team, click “View roles” in the top-right corner.
2
You are redirected to the Roles list. Click any role name to open its detail page and view the permissions for that system role.
3
The System role access comparison guide allows you to compare access levels of all 6 system roles side-by-side.
Deactivate a team member

1
In Settings -> Team, click the action menu on the right side of the team member’s row.
2
Select “Deactivate” to revoke the user’s access immediately.
Deactivating a team member does not delete their historical data — their orders, customers, and other records they created in Salesbricks remain intact.Admins may reassign a deactivated user’s open orders and active subscriptions to new account representative under Customers.Their user account can be restored by reaching out to Salesbricks Support.
Reset a team member’s password

1
In Settings -> Team, click the action menu on the right side of the team member’s row.
2
Select “Reset password.”Salesbricks sends a password reset email to the email address the team member uses for login. If successful, a confirmation dialog appears, along with the email address for verification.
Frequently asked questions
Can I create my own custom roles?
Can I create my own custom roles?
Custom roles are on the roadmap. At launch, only the six built-in system roles are available.
What happens if I assign someone the View Only role by mistake?
What happens if I assign someone the View Only role by mistake?
A user with the proper access can edit the team member and select the correct role. Permission changes take effect immediately on the user’s next page load.
Who can see the full team list?
Who can see the full team list?
A user with the proper access can see all team members. Users with more restricted roles, such as View Only, can only see their own record.
Does RBAC apply to the Salesbricks API?
Does RBAC apply to the Salesbricks API?
API token requests run with full Admin permissions and are not restricted by role assignments.