# Understanding Roles in Oobeya

### Application/System Roles

Application Roles are pre-defined roles within Oobeya that manage the permissions of users. They determine what a user can access and what operations they can perform within the application. The default Application Role is **Role User**.

<figure><img src="/files/DenahOLxMmJyKSayXPB9" alt=""><figcaption><p>Oobeya Application Roles</p></figcaption></figure>

***

### Available Application Roles

#### **1. Role User (Default)**

&#x20;This is the default role assigned to new users.

* **Permissions**:
  * Can access dashboards and team scorecards that are shared with them.
  * Can access their own scorecard.
* **Restrictions**:
  * Cannot access private dashboards not shared with them.
  * Cannot perform administrative operations.

***

#### **2. Role Admin**

Users with this role have full administrative rights within Oobeya.

* **Permissions**:
  * Can manage all operations, including:
    * Adding and managing integrations.
    * Managing data sources.
    * Accessing admin settings.
  * Can access all dashboards, analytics, and scorecards.
* **Ideal for**: Administrators who need full control over the Oobeya environment.

***

#### **3. Role Executive**

Designed for executive-level users who need insight into team and individual performance.

* **Permissions**:
  * Can access all Team and Individual Scorecards.
* **Restrictions**:
  * Cannot access admin settings.
  * Cannot manage integrations or data sources.
* **Ideal for**: Executives and managers who need to access all data without administrative capabilities.

***

#### **4. Role Superuser**

* **Description**: A system role specifically for on-premise instances (the first user) of Oobeya

***

### Summary

By effectively managing Application Roles, you can ensure that users have appropriate access levels and that their responsibilities within Oobeya align with their roles in your organization.

* **Role User**: Default role with limited access; can view shared dashboards, teams, and individual scorecards.
* **Role Admin**: Full access to all features and settings; can manage integrations and data sources.
* **Role Executive**: Access to all team and individual scorecards; cannot access admin settings.
* **Role Superuser**: System role for on-premise instances.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.oobeya.io/administration/user-management-single-sign-on-auth-settings/understanding-roles-in-oobeya.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.