Roles & Permissions
Granular control. Built to scale.
Roles are the foundation of the Breeze platform. They define what each person can see and do – from ordering an ID card to managing domains, tenants, and production workflows. Instead of rigid permission structures, Breeze uses a flexible role and task model that adapts to both small organizations and complex enterprise environments.
Roles can be combined and extended as needed. This allows you to grant precise access based on responsibility, ensuring strong security, clear ownership, and minimal administrative overhead.
For how to manage the rolls and tasks directly in Breeze se the support site for roll managment [HERE]
Breeze offers advanced roll features in combination with SSO, such as:
User Onboarding: Streamlines the process of adding new users.
Role Management: Simplifies the assignment and management of user roles.
Custom SSO Route: Custom direct route for users to log in using SSO.
With Breeze, we currently support SSO integration with Azure Active Directory (Azure AD) out of the box. Additionally, we can add support for other identity providers (IdPs) upon request, as long as they use SAML, OAuth2, or OpenID Connect (OIDC) standards.
For full, role-specific capabilities, see Breeze Docs.
Role types in Breeze
General Roles
These define the overall scope of access in the platform.
System Admin – Domain, system, and production configuration
Super Administrator – Tenant management, orders, and production operations
Administrator – Day-to-day tenant administration
User – Request and manage own credentials
How role assignment works
Roles can only be assigned by users with Administrator level or higher
The assigning user must have User Administration permissions
You can only assign roles at or below your own priority level
Task roles inherit strict priority rules to prevent privilege escalation
This ensures a secure, predictable access model – even in large, multi-tenant environments.
Task roles
Task roles are optional add-ons that extend what a user can do within their core role. They allow fine-grained control without inflating access levels.
Examples include:
Production Operator
Quality Inspector
Warehouse Operator
Invoicing Operator
Template & Layout Management
AMR & Mobile Credential Configuration
User Administration
Access Control Management
Approvals & Compliance
Reporting & Data Export
Each task role has a minimum required role level to ensure proper separation of duties and secure delegation.
Need more details?
This overview is designed to give you clarity at a glance. For a complete breakdown of each role, task permissions, and assignment rules, visit Breeze Docs.
