Aragon Research positions Brightspot in the Leader section of the Aragon Research Globe™ for Content Experience Platforms, 2025
Brightspot CMS User Guide
Brightspot CMS User Guide
Admin
Users, roles & permissions
Roles
Back to Roles

Creating a role

This topic covers how to create a role in Brightspot.

To create a role:

  1. Click menu > Admin > Users & Roles
  2. In the Roles widget, click New Tool Role.
  3. Using Fields for creating a role as a reference, enter settings for the role.
  4. Click Save.

The following topics describe how to set permissions on a role.

Setting a role's site access
To set a role's site access:
  1. Click menu > Admin > Users & Roles.
  2. Select the role for which you want to limit access to sites.
  3. Under Permission Settings, from the Sites list, select All, All Except, None, or Only, and make the configuration as necessary. (For an explanation of these terms, see Permission scopes.)

    Permissions on sites Permissions on sites
    Permissions on sites
  4. Click Save.
Referring to the previous illustration, editors in the role can work only on the site Brightspot.

Setting a role's navigation-menu access
You can set a role's access to selections in the navigation menu. This ensures users associated with that role cannot access sensitive settings.


To set a role's access to selections in the navigation menu:



  1. Click menu > Admin > Users & Roles.
  2. Select the role for which you want to set access to the navigation menu.
  3. Under Permission Settings, from the Areas list, select All, All Except, None, or Only, and make the configuration as necessary. (For an explanation of these terms, see Permission scopes.)



    Permissions on the navigation menu Permissions on the navigation menu
    Permissions on the navigation menu
  4. Click Save.
Referring to the previous illustration, users in the role can access any selection in the navigation menu except Admin > Sites & Settings and Admin > Users & Roles.

Setting a role's user-interface access
You can limit a role's access to various user-interface features, such as locking, theme selection, and impersonation.

To limit a role's access to user-interface features:
  1. Click menu > Admin > Users & Roles.
  2. Select the role for which you want to limit access to the features listed in the following table.
  3. Under Permission Settings, from the UI list, select All, All Except, None, or Only, and make the configuration as necessary. (For an explanation of these terms, see Permission scopes.)
    Permissions on miscellaneous features Permissions on miscellaneous features
    Permissions on miscellaneous features
  4. Click Save.
Referring to the previous illustration, users in the role can access all features except impersonating a user, setting a site's tool theme, and setting the global tool theme.

The following table describes the miscellaneous features on which you can set permissions.

OptionDescription
View All CollectionsRoles with this permission can view all shared collections within their sites. When this permission is excluded, users with this role can only view their own collections.
Content UnlockRoles with this permission can unlock an asset-level lock. For more information about asset-level locking, see Locking.
Disable Content UnlockRoles with this permission can prevent other editors from unlocking assets they opened. For example, if Adam has this permission, then Adam can prevent other editors from unlocking an article he opened. For detailed information about this permission, see the setting Allow Disable Unlocking in Global site settings.
Edit Guide Field Editorial NoteRoles with this permission can provide notes for fields throughout Brightspot. For more information, see Providing and reading notes for Brightspot fields.
Field UnlockRoles with this permission can unlock a field-level lock. For more information, see Field-level locking and Unlocking a field.
Impersonate UserRoles with this permission can impersonate another editor. For more information, see Impersonating a user.
Image EditorRoles with this permission can access the Brightspot image editor. For more information, see Understanding Brightspot's image editor.
Set Site Tool ThemeRoles with this permission can modify Brightspot's appearance and layout for a site. For more information, see Changing a site's theme.
Set Global Tool ThemeRoles with this permission can modify Brightspot's appearance and layout for all users. For more information, see Changing a site's theme.

Setting a role's content-type access
You can set a role's access to content types.




To set a role's access to content types:





  1. Click menu > Admin > Users & Roles.
  2. Select the role for which you want to limit access to content types.
  3. Under Permission Settings, from the Types list, select All, All Except, None, or Only, and make the configuration as necessary. (For an explanation of these terms, see Permission scopes.)







    Permissions on content types Permissions on content types
    Permissions on content types
  4. Click Save.


The Types list limits access to content types. In the following example, the role can create content from any type except galleries and playlists.



You can also restrict the available actions at the content-type level.

Limit access to actions by content type Limit access to actions by content type
In the previous illustration—

  • Main Tab Only in the Form field indicates that this role uses the custom content edit form when working with articles. For more information about custom content edit forms, see Customizing content edit forms.
  • The Read Only after Publish toggle indicates this role can modify and republish an article after it is published.
  • The Actions field indicates that this role cannot archive or restore articles. For descriptions of the available actions, see the following table.
  • The Content field indicates that this role has access to all articles except Galaxies Collide, No Injuries Reported. You can configure two types of lists in this field:

    • Basic—A list of individual articles the role can or cannot access. (For details about basic lists, see Creating a basic list.)
    • Dynamic—Click edit, and in the Edit Dynamic Query widget create a dynamic list of articles that the role can or cannot access. (For details about dynamic lists, see Creating a dynamic list.) Dynamic lists are useful in situations such as the following:

      • Limiting a role to updating articles in a particular section, such as sports or recipes.
      • Limiting a role to updating articles that were published in the last six months.
      • Limiting a role to updating articles that are in draft status.
The following table describes the actions available for a selected content type. Additional actions may be available depending on your version of Brightspot.

Action

Description

ArchiveUsers in the role can archive items. For details about archiving, see Archiving assets.
Bulk ArchiveUsers in the role can bulk archive items. For details about bulk archiving, see Bulk archive content.
Bulk EditUsers in the role can apply edits to multiple items. For details about bulk editing, see Bulk editing.
Bulk WorkflowUsers in the role can move multiple items through a workflow. For details about bulk workflow transactions, see Using the bulk workflow function.
DeleteUsers in the role can delete items. For details about deleting items, see Permanently deleting an asset.
PublishUsers in the role can publish items.
RestoreUsers in the role can restore items. For details about restoring items, see Restoring an archived asset.
UnscheduleUsers in the role can unschedule items. For details about unscheduling, see Unscheduling an asset.
WriteUsers can update items.

Setting a role's developer-level access
You can sets a role's access to developer-level features. These features provide advanced content editing or content management (such as exposing the HTML toggle in the rich-text editor).
Warning
Incorrect use of developer-level features can cause Brightspot to operate differently from expected. Ensure the users assigned to this role have the technical knowledge to use these features correctly.

Note
Depending on your version of Brighspot, you may need to give developers access to the HTML toggle permission so that they can see a help icon when hovering over a field in a content edit page. Clicking the icon displays technical information about the field's declaration.

For information about how to enable this feature if it is not already enabled, see Viewing field data for developers.
To limit a role's access to developer-level features:
  1. Click menu > Admin > Users & Roles.
  2. Select the role for which you want to limit access to developer features.
  3. Under Permission Settings, from the Developer list, select All, All Except, None, or Only, and make the configuration as necessary. (For an explanation of these terms, see Permission scopes.)
    Limiting access to developer-level features Limiting access to developer-level features
  4. Click Save.
Referring to the previous illustration, users in the role have access to all developer-level features except the rich-text editor's HTML toggle.

Setting a role's access to additional permissions
You can set a role's interactions with additional permissions. For example, if you integrated Brightspot with a translation service, you can prevent a role from submitting assets for translation.


To set a role's access to additional permissions:

  1. Click menu > Admin > Users & Roles.
  2. Select the role for which you want to set access to additional permissions listed in the following table.
  3. Under Permission Settings, from the Additional Permissions list, select the required external service (such as Translation or Mailchimp).
  4. From the Permissions list, select All, All Except, None, or Only, and make the configuration as necessary. (For an explanation of these terms, see Permission scopes.)



    Additional permissions for translations Additional permissions for translations
    Additional permissions for translations
  5. Click Save.
Referring to the previous illustration, the role can submit assets for translation, but cannot interact in any other way with the translation service (such as canceling a translation or viewing the translation log).





The following table describes the miscellaneous features on which you can set permissions.







OptionDescription
Conversation PermissionUsers in this role can pin posts in an asset's conversation. For more information about conversation, see Sending and viewing messages through Conversation.

MailchimpUsers in this role can manage campaigns through Mailchimp. For more information, see Mailchimp.
SailthruUsers in this role can manage campaigns through Sailthru. For more information, see Sailthru.
TranslationUsers in this role can manage translation jobs. For more information, see Sending an asset for translation.

Previous Topic
Roles
Next Topic
Editing a role
Tags
Users, roles, and permissions
Was this topic helpful?
Thanks for your feedback.

Browse All Docs

CMS User Guide
Everything you need to know when creating, managing, and administering content within Brightspot CMS.

Dashboards
Publishing
Workflows
Admin configurations
Developer Guide
A guide for installing, supporting, extending, modifying and administering code on the Brightspot platform.

Field types
Content modeling
Rich-text elements
Images
Integrations Guide
A guide to configuring Brightspot's library of integrations, including pre-built options and developer-configured extensions.

Google Analytics
Shopify
Apple News
Content Types Guide
Brightspot is packaged with content types that get you up and running in a matter of days, including assets, modules and landing pages.

Assets
Modules
Landing pages
Design System
Our robust, flexible Design System provides hundreds of pre-built components you can use to build the presentation layer of your dreams.

Asset types
Module types
Page types