Roles & Permissions
Naturalead uses Role-Based Access Control (RBAC) with 5 roles and 33 permissions across 12 domains.Roles
| Role | Description | Use Case |
|---|---|---|
| Owner | Full access to all resources and settings | Account administrators |
| Integrator | Integration setup, API key management, audit access | DevOps and integration engineers |
| AI Architect | Agent configuration, knowledge base management, A/B testing | AI/ML team members |
| Operator | Lead management, conversations, campaigns, analytics | Sales and operations teams |
| Analyst | Read-only access across most domains | Reporting and business analysts |
Permissions matrix
Dashboard
| Permission | Owner | Integrator | AI Architect | Operator | Analyst |
|---|---|---|---|---|---|
dashboard:view | Yes | Yes | Yes | Yes | Yes |
Leads
| Permission | Owner | Integrator | AI Architect | Operator | Analyst |
|---|---|---|---|---|---|
leads:view | Yes | - | - | Yes | Yes |
leads:import | Yes | - | - | Yes | - |
leads:start_conversation | Yes | - | - | Yes | - |
leads:sync_create | Yes | Yes | - | - | - |
leads:sync_delete | Yes | - | - | - | - |
Conversations
| Permission | Owner | Integrator | AI Architect | Operator | Analyst |
|---|---|---|---|---|---|
conversations:view | Yes | - | Yes | Yes | Yes |
conversations:edit | Yes | - | - | Yes | - |
conversations:send_message | Yes | - | - | Yes | - |
conversations:change_status | Yes | - | - | Yes | - |
Agent Config
| Permission | Owner | Integrator | AI Architect | Operator | Analyst |
|---|---|---|---|---|---|
agent_config:view | Yes | - | Yes | - | Yes |
agent_config:edit | Yes | - | Yes | - | - |
Knowledge Base
| Permission | Owner | Integrator | AI Architect | Operator | Analyst |
|---|---|---|---|---|---|
knowledge:view | Yes | - | Yes | - | Yes |
knowledge:upload | Yes | - | Yes | - | - |
knowledge:delete | Yes | - | Yes | - | - |
Campaigns
| Permission | Owner | Integrator | AI Architect | Operator | Analyst |
|---|---|---|---|---|---|
campaigns:view | Yes | - | - | Yes | Yes |
campaigns:create | Yes | - | - | Yes | - |
campaigns:edit | Yes | - | - | Yes | - |
campaigns:launch | Yes | - | - | Yes | - |
campaigns:delete | Yes | - | - | - | - |
Analytics
| Permission | Owner | Integrator | AI Architect | Operator | Analyst |
|---|---|---|---|---|---|
analytics:view | Yes | - | - | Yes | Yes |
Integrations
| Permission | Owner | Integrator | AI Architect | Operator | Analyst |
|---|---|---|---|---|---|
integrations:view | Yes | Yes | - | - | - |
integrations:edit | Yes | Yes | - | - | - |
integrations:test | Yes | Yes | - | - | - |
integrations:provision | Yes | Yes | - | - | - |
A/B Testing
| Permission | Owner | Integrator | AI Architect | Operator | Analyst |
|---|---|---|---|---|---|
ab_testing:view | Yes | - | Yes | - | Yes |
ab_testing:manage | Yes | - | Yes | - | - |
API Keys
| Permission | Owner | Integrator | AI Architect | Operator | Analyst |
|---|---|---|---|---|---|
api_keys:view | Yes | Yes | - | - | - |
api_keys:manage | Yes | - | - | - | - |
Audit
| Permission | Owner | Integrator | AI Architect | Operator | Analyst |
|---|---|---|---|---|---|
audit:view | Yes | Yes | - | - | Yes |
audit:export | Yes | - | - | - | - |
Team & Account
| Permission | Owner | Integrator | AI Architect | Operator | Analyst |
|---|---|---|---|---|---|
team:view | Yes | Yes | Yes | Yes | Yes |
team:invite | Yes | - | - | - | - |
team:remove | Yes | - | - | - | - |
team:change_role | Yes | - | - | - | - |
account:view | Yes | Yes | Yes | Yes | Yes |
account:edit | Yes | - | - | - | - |
API key scope restrictions
When creating an API key, you can only assign scopes that your role has permission for:- An Operator can create a key with
leads:view,leads:import,campaigns:view, etc. - An Operator cannot create a key with
integrations:edit(they don’t have that permission). - Only the Owner role can grant all scopes.