Assign Permissions to Directory Synced Roles

The next step is to assign role permissions to your newly provisioned roles in Modern Treasury.

Edit your directory synced roles

On the roles page, select a directory synced role to assign permissions to. Under the Actions dropdown button at the top of the role details page, select Edit.

In Update Role, find the Permissions section. Select the desired access level for each permission from the dropdowns and save your changes.

See the Role permissions table at the bottom of this page for more information on each permission category.

Confirm role permissions

After assigning permissions in Modern Treasury to your directory synced roles, confirm that the access gating is correct.

For example, for a user with View Only Access for Organization, they should only be able to view organization settings, user settings, roles, approval rules, and audit records. They should not be able to edit any of those settings.

Role permissions

Permission TypeAccess Level OptionsAccess Control Applied to
OrganizationManage and Edit Access, View Only Access, No AccessOrganization-wide settings
User settings
Approval rules
Audit records
Developer SettingsManage and Edit Access, View Only Access, No AccessLogs
Webhook endpoints
Webhook delivery attempts
CounterpartiesManage and Edit Access, View Only Access, No AccessCounterparty information and invitations
External AccountsManage and Edit Access, Full View Only Access, Partial View Only Access, No AccessExternal account data
API KeysManage and Edit Access, View Only Access, No AccessAPI keys (also requires Developer Settings permissions)
LedgersManage and Edit Access, View Only Access, No AccessLedgers data
AccountsManage, Review, and Edit Access, View Only Access, No Access, Per-Account AccessPayment orders
Expected payments
Paper items
ComplianceManage, Review, and Edit Access, Review and Edit Access,View Only Access, No AccessCompliance data
Partner SearchManage and Edit Access, View Only Access, No AccessPartner search data