Understanding roles and permissions
Give each administrator the access required for their responsibilities while protecting sensitive settings.
Roles and permissionsUpload: adding admins and assigning access
The principle of least access
Give people enough access to complete their role, but not broad administrator permissions by default. This reduces accidental changes and makes responsibility clearer.
Typical role structure
| Role | Typical responsibility | Suggested access |
|---|---|---|
| Platform administrator | Overall configuration and governance | Full administrative access |
| Community manager | News, events, users and engagement | Content and community management |
| Learning manager | Courses, challenges and completion | Learning and reporting |
| Content editor | Drafting and updating content | Limited publishing access |
| Member | Participation in the community | User-facing access only |
Review access regularly
Remove access when a person changes role or leaves the organisation. Schedule a periodic permissions review rather than relying on memory.
Do not share administrator accountsIndividual accounts create clearer accountability and make access easier to revoke.
Hub version 0.3.7 ยท Last updated 16 July 2026