> ## Documentation Index
> Fetch the complete documentation index at: https://docs.hiveku.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Build a Custom Role

> Create roles with exactly the access each team member needs

Default roles cover most teams, but sometimes you need something specific — a bookkeeper who lives in Accounting, a contractor who only touches Marketing, or a viewer scoped to a single department. Custom roles let you set access resource by resource.

<Info>
  Only Owners and Admins (or a role granted **Manage** on Roles & Permissions) can create or edit roles.
</Info>

## Create a role

<Steps>
  <Step title="Open the roles manager">
    Go to **Settings > Roles**, or from **Team Members** click **Manage Roles**.
  </Step>

  <Step title="Start a new role">
    Click **New role** to start from scratch, or **Clone** a default role to start from its access and tweak it. Cloning is the fastest path — for example, clone **Finance** and remove what a bookkeeper shouldn't touch.
  </Step>

  <Step title="Name it">
    Give the role a clear name (e.g. "Bookkeeper") and an optional description so other admins know what it's for.
  </Step>

  <Step title="Set access in the matrix">
    Each row is a resource; each column is a capability — **View, Create, Edit, Delete, Manage**. Check the boxes to grant access. Use the **None / View / Full** buttons on a department header to set every resource in that department at once.

    Checking any action automatically includes **View** (you can't edit what you can't see). Unchecking **View** clears the whole row.
  </Step>

  <Step title="Save">
    Click **Save role**. It's now available in the role dropdown on **Team Members**.
  </Step>
</Steps>

## Assign a role

<Steps>
  <Step title="Open Team Members">
    Go to **Settings > Team Members**.
  </Step>

  <Step title="Change a member's role">
    Use the three-dot menu next to a member and choose **Change Role**, then pick your custom role from the dropdown. You can also pick it when inviting someone new.
  </Step>
</Steps>

The change takes effect the next time the member reloads (within a few minutes at most).

## Rules and limits

<AccordionGroup>
  <Accordion title="I can't grant an access I don't have">
    You can only grant capabilities you hold yourself. An Admin can build almost any role; a department lead can only build roles within their own area. Owners can grant anything.
  </Accordion>

  <Accordion title="I can't delete a role">
    A role can't be deleted while anyone is still assigned to it. Reassign those members to another role first, then delete it.
  </Accordion>

  <Accordion title="I can't edit a default role">
    The nine built-in roles are fixed. To customize one, **Clone** it and edit the copy.
  </Accordion>

  <Accordion title="Someone still sees a section after I removed access">
    Permission changes propagate within a few minutes. Ask them to reload. Owners and Admins always see everything the plan includes — that's expected.
  </Accordion>
</AccordionGroup>

## What's Next?

<CardGroup cols={2}>
  <Card title="Permissions reference" icon="shield-halved" href="/settings/permissions">
    The full capability model and default-role matrix
  </Card>

  <Card title="Team Members" icon="users" href="/settings/team">
    Invite people and manage access
  </Card>
</CardGroup>
