Roles in FusionAuth are associated with an application.
You can define as many roles as you want in an application. There are no limits on the number of roles a user or a group can have.
Roles are often used by APIs and applications to control access to functionality. For example, Zendesk presents a different user interface to users with the
agent role than to users without that role.
You can associate roles with users directly via their registration. Or you can assign an application role to a group, and then any users in that group who have access to that application will have that role.
Roles have the following attributes:
- Name Required
The name of the role. This value should be short and descriptive. Roles can only be created and deleted, only the role description may be modified.
- Default Optional
One or more roles may be marked as default. A default role will be automatically added to new user registrations when no roles are explicitly provided on the API request.
- Super Role Optional
A role may be optionally marked as a super user role. This indicator is just a marker to indicate to you that this role encompasses all other roles. It has not affect on the usage of the role.
- Description Optional
An optional description to better describe the intended use of this role.