microCMS

Roles (Permission Management in the Admin Panel)

The role feature allows you to flexibly set operation permissions for members in the management screen.
Please use it when multiple members from different positions are managing content simultaneously, or when you want to set operation permissions by department or store.

Information

The role feature is available in the Business and Enterprise plans.
For details on the features available in each plan, please refer to the pricing page.

Role Management Screen Operations

Role List Screen

On the role list screen, you can view the roles you have created and perform the following operations.

1. Search by Role Name

You can filter by role name.

2. Add a Role

Press the [Add] button to navigate to the new role creation screen.


In addition, pressing the three-dot menu for each role shows the following items.

3. Copy Role to Create New

You can copy the settings of the selected role to create a new role.
Press [Copy Role to Create New] to navigate to the new role creation screen, where the settings of the selected role will be reflected in their initial state. Please make any necessary edits and create the role.

4. Delete Role

This will delete the selected role.

New Role Creation Screen

This is the screen for creating a new role.

1. Create

Once you have completed the necessary settings, press [Create] to create the role.

2. Deselect All / Grant All

You can deselect all or grant all for each permission item.
When individual permissions are added, a [Deselect All / Grant All] button will be provided for each individual permission.

Information

For individual permissions, please refer to the section on "Default Permissions and Individual Permissions" below.

Role Editing Screen

This is the screen for editing the created roles.

1. Copy and Create New

You can copy the selected role and create a new role.
This behaves the same as when you press [Copy Role to Create New] on the role list screen.

2. Delete

This will delete the currently opened role.

3. Change

This will reflect the changes in the role settings.

Details of Each Permission Item

This section explains the details of various permissions that can be set using the role feature.

Members

Read

This mainly affects the viewing of the member list screen and detail screen, as well as the reading of reviewer, creator, updater information, and members currently editing.

All Members

Information about all members can be read.

Members with this role assigned

Information about members assigned the same role can be read.

Specific Members Only

Information about specified members can be read.

None

Members cannot be viewed.

Create

Members can be created.

Caution

When creating a member, a role must be specified, so read permission for roles is also required.

Members other than those with the administrator role can only specify roles they belong to.

If you want to specify a role for the member that is not one you belong to, please assign that role to yourself.

For specific methods, please refer to "How to Grant or Edit Roles Other Than Your Own".

Edit

You will be able to change the roles associated with members.

Caution

You will need read permission for roles.

Members other than those with the administrator role can only change the roles they belong to.

If you want to change a role that you do not belong to, please assign that role to yourself.

For specific methods, please refer to "How to Grant or Edit Roles Other Than Your Own".

Delete

You will be able to delete members.

Roles

Read

This mainly affects viewing the role list and role detail screens.

All Roles

You will be able to read information about all roles.

Read (Only roles I belong to)

You will be able to read information about the roles you belong to.

None

You will not be able to view roles.

Create

You will be able to create roles.

Edit

You will be able to edit the permissions of roles.

Caution

Members other than those with the administrator role can only edit the permissions of the roles they belong to, even if they have editing rights.

If you want to edit the permissions of a role that you do not belong to, please assign that role to yourself.

For specific instructions, please refer to "How to Grant or Edit Roles Other Than Your Own".

Delete

You will be able to delete roles.

Payment

Read

You will be able to access the payment settings screen.
You can check your current plan and billing information.

Edit

You will be able to change your plan and update your billing information.

Caution

Because this permission allows changing to the Hobby plan, it effectively grants the authority to stop the service.

API Key

Read

This mainly affects viewing the API key list screen, detail screen, and reading the API key during API preview.
Information about all API keys will be accessible for reading.

Usage Confirmation

Read

You can access the data transfer volume screen and content count screen in service settings.

Environment

Read

You can view the list of duplicated environments and access each environment.

Caution

The created environment can be accessed even without read permissions if the URL of the duplicated environment is known. This behavior may change in future updates.

Create

You can create a duplicate environment.

Caution

Creating an environment copies the settings and content from the production environment, so a member with the create permission can view a large amount of data.

Delete

You can delete the duplicated environment.

Review

Read

All Review Requests

You can view all review requests.

Only reviews created by members of this role

You can only view reviews requested by members assigned the same role.
The determination of whether they belong to the same role uses the current role, not the role at the time of the review request.

Only Review Requests I Created

You can only view reviews that you requested.

None

You cannot view any reviews.

Create

You can submit a review request.

Edit

Approval + Edit/Comment

In addition to the operations possible with "Edit/Comment Only," you can approve the review to publish content, approve the review to end content publication, and delete comments (including comments from AI reviews).

Edit/Comment Only

You can end, resubmit, post comments, edit review titles and descriptions, set scheduled times, configure reviewers, assign AI reviewers on the review screen (manual execution), and execute re-reviews.

Edit (None)

You cannot edit anything regarding the review.

Information

Permissions for Executing AI Reviews

To manually execute (or re-review) an AI review, in addition to the review permissions mentioned above, you must have "read permissions for all content related to the review target".
If the target content includes any data, such as referenced content or image data, for which you do not have read permissions, you will not be able to manually execute (or re-review) the AI review.

Note: If "Automatic Review" is set to ON in the review settings, the system performs the automatic execution, so it runs regardless of the operator's permissions.

Media

Read

This mainly affects viewing the media list screen, reading images from the rich editor, and reading in image/file fields.

All Media

Information about all media (images and files) can be read.

Media Created by Members of This Role Only

You can only view media created by members assigned the same role.
The determination of whether they belong to the same role uses the current role, not the role at the time of media creation.

Media Uploaded by Yourself Only

You can only view media that you have uploaded.

None

You cannot view any media.

Create

You will be able to upload media.

Edit

You will be able to re-upload media, change file names, and set tags.

Delete

You will be able to delete media.

API

Read

This mainly affects reading the API list displayed in the sidebar and reading content reference fields.
You can view information about all APIs.

Create

You will be able to create APIs.

Edit

You will be able to configure API settings, set custom fields, and rearrange or move APIs between groups.

Delete

You will be able to delete APIs.

Content

Read

This mainly affects viewing the content list screen and detail screen, as well as reading content reference fields.

All Content

You can view all content.

Content Created by Members of This Role Only

You can only view content created by members assigned the same role.
The determination of whether they belong to the same role uses the current role, not the role at the time of content creation.

Content Created by Yourself Only

You can only view content that you have created.

None

You cannot view any content.

Create

Save as Draft

You can save new content as a draft.

Publish

You can publish new content.

Edit

Operations That Do Not Affect Published Content

Save as Draft

You can save drafts for content that is "Draft" or "Published and Draft".

Discard Draft

You can discard the draft of content that is "Published and Draft".

Revert Unpublished Content to Draft

You can revert "Published Ended" content to draft.

Change Content ID of Unpublished Content

You can change the content ID of content that is "Draft" or "Published Ended".

Rearrange Unpublished Content

You can rearrange content that is "Draft" or "Published Ended".

Change Publish Date of Unpublished Content

You can change the publish date of content that is "Draft" or "Published Ended".

Change Content Creator

You can change the content creator.

Change draftKey

You can change the draftKey of content that is "Draft" or "Published and Draft".

Operations That Affect Published Content

Publish / Schedule for Publishing

You can publish or schedule for publishing content that is "Published" or "Published and Draft".

End Publishing of Published Content / Schedule for Ending Publishing

You can end publishing or schedule for ending publishing of content that is "Published" or "Published and Draft".

Revert Published Content to Draft

You can revert "Published" content to draft.

Change Content ID of Published Content

You can change the content ID of content that is "Published" or "Published and Draft".

Rearrange Published Content

You can rearrange content that is "Published" or "Published and Draft".

Change Publish Date of Published Content

You can change the publish date of content that is "Published" or "Published and Draft".

Delete

You can delete content.

Developer Menu

Read

You can hide developer settings. If set to hidden, the following menus will be hidden.

  • Custom Fields
  • API Settings
  • API Preview


▼View When Developer Settings Are Set to "Visible"



▼View When Developer Settings Are Set to "Hidden"

Caution

Even when the menus are hidden, the Custom Fields and API Settings screens can still be viewed by entering their URLs directly. The developer menu setting is intended only for basic control of what is displayed, so if you need to restrict actual access, please use the permission settings related to the API.

Priority of Permissions

About the Administrator Role

The administrator role is a default role that has permissions to perform all operations.
This role cannot be edited (permissions cannot be changed) or deleted.
Additionally, it must be assigned to at least one person within the service.


Operations Executable Only by the Administrator Role

There are operations in the management screen that can only be executed by the administrator role.
Therefore, even compared with a newly created role that has every permission granted, the administrator role can perform a wider range of operations.

Operations that can only be executed by the administrator role include the following:

  • Viewing and operating certain items in service settings
  • Creating, editing, and deleting API keys
  • Changing environment names and label colors
  • Creating, editing, and deleting API groups
  • Granting and editing roles other than the role to which one belongs
  • Enabling AI features and individual functions
  • Displaying the review settings screen
  • Adding, editing, and deleting AI reviewers

Default Permissions and Individual Permissions

Default permissions are permissions applied at the service level, and restrictions are applied to all APIs / content.
This is effective when you want to set permissions for the entire service at once.

On the other hand, individual permissions are permissions applied at the API level, which can override default permissions.
With individual permissions, you can set the following items:

  • API
  • Content
  • Developer Menu
  • Review

Behavior When Multiple Roles Are Assigned

It is possible to assign multiple roles to a single member.
The association of roles to a member can be done from the member detail screen.

If the multiple roles assigned have different permissions, the role with broader permissions takes precedence.

Information

Role A: No API creation permission
Role B: API creation permission granted

If you belong to both of the above roles, the result is that API creation permission is granted.
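
The rules in "Default Permissions and Individual Permissions" and in this section, modeled as an added example for access reviews (not microCMS code; every name in it is hypothetical). It assumes each role's individual permission for an API is resolved first and the broadest result across the member's roles then wins, that the content read scopes are ordered as the page lists them, and that "same role" means a role that grants the role-only scope.

```python
# Added example: a model of the rules on this page, not microCMS code.
# Role, SCOPES, effective_scope and can_read are hypothetical names.
from dataclasses import dataclass, field

# Content read scopes, narrowest to broadest (ordering assumed from the page's list).
SCOPES = ["none", "self", "same_role", "all"]

@dataclass
class Role:
    name: str
    default_read: str                                  # default permission (service level)
    per_api_read: dict = field(default_factory=dict)   # individual permissions by API

    def read_scope(self, api):
        # An individual permission overrides the default for that API.
        return self.per_api_read.get(api, self.default_read)

def effective_scope(roles, api):
    """Return (broadest scope across the roles, names of the roles granting it)."""
    best = max((r.read_scope(api) for r in roles), key=SCOPES.index, default="none")
    return best, [r.name for r in roles if r.read_scope(api) == best]

def can_read(viewer, viewer_roles, api, creator, creator_current_roles):
    """Decide whether `viewer` can read one content item in `api`."""
    scope, granting = effective_scope(viewer_roles, api)
    if scope == "all":
        return True
    if scope == "same_role":
        # Compared against the creator's current roles, not those held at creation.
        return bool(set(granting) & set(creator_current_roles))
    if scope == "self":
        return viewer == creator
    return False

# Constructed sample roles (not taken from any real service).
EDITOR = Role("editor", default_read="self", per_api_read={"news": "same_role"})
AUDITOR = Role("auditor", default_read="none", per_api_read={"blog": "all"})

if __name__ == "__main__":
    for api in ("news", "blog", "faq"):
        print(api, effective_scope([EDITOR, AUDITOR], api))
    print(can_read("alice", [EDITOR, AUDITOR], "news", "bob", ["editor"]))  # bob is an editor
    print(can_read("alice", [EDITOR, AUDITOR], "news", "bob", ["sales"]))   # bob was moved
```

The list of granting roles is the part to check in a review: a single broad role is enough to override every narrower role the member also holds.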

Use Cases

How to Grant or Edit Roles Other Than Your Own

Members with roles other than the administrator role are only permitted to perform the following actions regarding role granting and editing.

  • Edit the permissions of the role they belong to
  • Grant or revoke their own role to/from another member


If you hold a role other than the administrator role and wish to grant or edit roles other than your own, please grant the relevant role to the member in question. Multiple roles can be assigned to a member, and stronger permissions take precedence.

Example of Adding a Member with a Role You Do Not Belong To

Assume there are two roles: "Site A Administrator" and "Site A Operator," and there is a member with the "Site A Administrator" role.



Now, consider the case where this member wants to add a member who holds the "Site A Operator" role (a role they do not possess).
In this case, by granting the "Site A Operator" role to this member, they will be able to select the "Site A Operator" role when adding a member.



▼ When adding a member, the "Site A Operator" role will also become selectable