Role Templates
Role Templates let you define standardized access packages that get applied through Workflows. Each template bundles the permissions and group memberships a user needs for a given role.
They work well for scenarios where Dynamic Groups aren't enough, like when you need to bundle complex access permissions that go beyond simple attribute-based rules, or when access depends on specific role assignments rather than user attributes like department or job title.
Important: Role Templates define access configurations but do not provision access immediately. Roles are only applied when activated through a Workflow.
What You Can Do
You can create new roles with specific permissions and group memberships, edit existing roles as access requirements change, and delete roles you no longer need.
Example: IT Department New Employee Role
A "New Employee - IT Department" role template might include:
- Corporate email account and distribution lists
- IT support team and technical staff group memberships
- Access to the internal ticketing system, monitoring tools, and development environments
- VPN access and appropriate security clearance levels
When a Workflow assigns this role during onboarding, the new IT employee gets all the access they need right away.
Benefits of Role-Based Access
When you use Role Templates in your Workflows, every user with the same role gets identical access, which removes the guesswork from manual permission assignments. You also get a clear audit trail of role-based access, making compliance reviews much simpler. And since templates apply the principle of least privilege consistently, your security posture stays solid as you scale.