Roles & Permissions
Understand Fetchply's system roles, custom roles, and the exact permissions available in the RBAC matrix.
Permission System
Fetchply uses a granular role-based access control (RBAC) system. Permissions are grouped into 7 categories with 16 total permissions.
Permission Categories
| Category | Permissions | Description |
|---|---|---|
| Chatbot | chatbot.view, chatbot.edit, chatbot.delete, chatbot.retrain | View, update, delete, or retrain agents |
| Knowledge | knowledge.view, knowledge.manage | View or manage sources, files, and Q&A pairs |
| Conversations | conversations.view, conversations.export | Review chat history and export conversation data |
| Analytics | analytics.view, analytics.export | Access analytics dashboards and export analytics data |
| Leads | leads.view, leads.export, leads.delete | View, export, or remove captured leads |
| Settings | settings.manage | Manage agent settings and configuration |
| Team | team.invite, team.manage_access | Invite members and manage per-agent access |
System Roles
Each organization is seeded with four built-in system roles. These roles cannot be deleted, and they give teams a sensible starting point before creating custom roles.
Admin
Admins receive all 16 permissions. They can manage agents, sources, exports, leads, settings, and team access.
Editor
Editors can work on the agent itself without managing the team. They can edit and retrain agents, manage knowledge, export conversations and analytics, manage leads, and change settings.
Viewer
Viewers have read-only access. They can open agents, inspect knowledge, review conversations, see analytics, and view leads, but they cannot change anything.
Support Agent
Support Agents are scoped for support workflows. They can view agents, review conversations, view leads, and export leads, but they cannot edit agent configuration or team access.
System roles are seeded automatically per organization. You can assign them freely, but you cannot edit or delete them.
Custom Roles
Custom roles let you combine the permissions above into role profiles that fit your team. They are available on Pro and Business plans.
Creating a Custom Role
- Go to Dashboard → Team → Roles tab
- Click Create Role
- Enter a role name and description
- Choose a color for the role badge
- Select permissions using the permission matrix
- Save the role
Permission Matrix
The permission matrix lists all 7 categories and all 16 permissions. You can grant only the permissions a member needs, which is useful when someone should see analytics but not export them, or manage leads without touching settings.
Managing Custom Roles
- Edit — update the role name, description, color, or permissions
- Delete — only possible if no members are assigned that role; otherwise the API returns
409 Conflict
Plan restriction: Free and Starter workspaces can assign system roles, but custom roles require a Pro plan or higher.
Role Assignment
Roles are assigned per agent. A member can be an Admin on one agent, a Viewer on another, and have no access to a third.
- Marketing lead → Admin on the marketing agent, Viewer on the support agent
- Support teammate → Support Agent on the support agent, no access elsewhere
- Executive → Viewer across multiple agents
Owner Permissions
The workspace owner always has full access across all agents, regardless of role assignments. Owner access is not restricted by the role matrix.