Roles Overview

Understand role-based access control.

What is a Role?

A role defines what a user can do and see in NetSuite:

ROLE = PERMISSIONS + RESTRICTIONS + FORMS + DASHBOARD
===============================================================================

Example: Sales Representative Role

PERMISSIONS (What they can DO):
├── Create sales orders: ✓
├── View invoices: ✓
├── Edit customer records: ✓
├── See cost data: ✗
└── Access setup menus: ✗

RESTRICTIONS (What they can SEE):
├── Only their location
└── Only sales department

FORMS (What forms they USE):
└── Simple sales order form

DASHBOARD (Their home page):
└── Sales-focused dashboard

Why Use Roles?

Goal	How Roles Help
Security	Users only access what they need
Simplicity	Hide complex features from basic users
Compliance	Audit trail shows who did what
Efficiency	Streamlined interfaces per job function

Standard vs Custom Roles

ROLE TYPES
===============================================================================

STANDARD ROLES (Built-in):
├── Administrator
├── Sales Representative
├── A/P Clerk
├── A/R Clerk
├── Accountant
├── Warehouse
└── Many more...

CUSTOM ROLES (You create):
├── Clone standard + modify
├── Or build from scratch
└── Tailored to your needs

How Roles Work

User-Role Relationship

ONE USER, ONE OR MORE ROLES
===============================================================================

User: John Smith
├── Role 1: Sales Representative (default)
├── Role 2: Report Viewer
└── Role 3: (can add more)

John logs in:
├── Gets Sales Representative role (default)
├── Can switch to Report Viewer if needed
└── Has combined access when switching

When a user logs in:

Default role loads automatically
User sees that role's dashboard
User can switch roles (top right menu)
Each role = different access

Permission Levels

Every permission has a level:

Level	Create	View	Edit	Delete
None	✗	✗	✗	✗
View	✗	✓	✗	✗
Create	✓	✓	✗	✗
Edit	✓	✓	✓	✗
Full	✓	✓	✓	✓

Viewing Role Permissions

HOW TO SEE WHAT A ROLE CAN DO
===============================================================================

Step 1: Navigate
Setup > Users/Roles > Manage Roles

Step 2: Click role name

Step 3: Go to Permissions tab
├── Transactions: What transactions they can access
├── Lists: What records they can access
├── Reports: What reports they can run
├── Setup: What settings they can change
└── Custom: Custom record access

Step 4: Review each permission level

Common Role Categories

Category	Example Roles	Purpose
Finance	A/P Clerk, A/R Clerk, Accountant	Financial transactions
Sales	Sales Rep, Sales Manager	Customer-facing
Operations	Warehouse, Purchasing	Inventory/fulfillment
Support	Support Rep, Support Manager	Customer service
Admin	Administrator	Full system access

Assigning Roles

HOW TO ASSIGN A ROLE
===============================================================================

Step 1: Go to employee record
Lists > Employees > [Employee]

Step 2: Access tab

Step 3: In Roles section, click "Add"

Step 4: Select role from dropdown

Step 5: Check "Default" if primary role

Step 6: Save

Multiple Roles

Users can have multiple roles:

WHEN TO USE MULTIPLE ROLES
===============================================================================

Good reasons:
├── User does different jobs
│   └── Sales Rep + Report Viewer
├── Temporary extra access
│   └── Normal role + Project role
├── Different access for different areas
│   └── A/P Clerk + Purchasing Agent

Not recommended:
├── Giving more "just in case"
├── Workaround for bad role design
└── Too many roles (confusing)

Quick Reference

I want to...	Go to
View all roles	Setup > Users/Roles > Manage Roles
See role permissions	Role > Permissions tab
Create new role	Setup > Users/Roles > Manage Roles > New
Clone a role	Role page > Duplicate
Assign role to user	Employee > Access tab > Add role

Key Concepts

ROLE CONCEPTS SUMMARY
===============================================================================

1. LEAST PRIVILEGE
   └── Give minimum access needed

2. JOB-BASED
   └── Role matches job function, not person

3. TESTABLE
   └── Always test roles before deploying

4. DOCUMENTED
   └── Know why each role exists

5. REVIEWED
   └── Audit roles periodically

Key Takeaways

Role = what user can do and see
Permission levels - None, View, Create, Edit, Full
Users can have multiple roles - switch as needed
Start with standard roles - customize as needed
Least privilege - only what's necessary

Role Permissions - Permission details
Role Restrictions - Data limitations
Custom Roles - Creating roles

What is a Role?​

Why Use Roles?​

Standard vs Custom Roles​

How Roles Work​

User-Role Relationship​

Role at Login​

Permission Levels​

Viewing Role Permissions​

Common Role Categories​

Assigning Roles​

Multiple Roles​

Quick Reference​

Key Concepts​

Key Takeaways​

Related Topics​

What is a Role?

Why Use Roles?

Standard vs Custom Roles

How Roles Work

User-Role Relationship

Role at Login

Permission Levels

Viewing Role Permissions

Common Role Categories

Assigning Roles

Multiple Roles

Quick Reference

Key Concepts

Key Takeaways

Related Topics