Users and Roles are configured in Setup / Users & Accounts / Users
A user is represented by a set of login credentials. Associated with a user is a user name, password, first and last name, email address, status (enabled or disabled), role and time zone. The system also provides an audit trail on a user’s login history.
Password policies can be set which will govern the rules for log in users. These include password expiry period, password history and complexity policy, reset period and intruder policies.
Associated with each user is a role. A role is a description of the type of user that is being created; admin, developer, operations, customer service representative etc.. The system allows you to create and define as many roles as required based on your business requirements.
Roles can be grouped into role groups. Role groups define the Create, Read, Update, Delete (CRUD) permissions for each role within the role group. CRUD style permissions can be configured per screen. As an example, an admin user can be set up with create, update, delete and read permissions on the billing screen, while an Customer Service Representative role might only be given update and read permissions on that screen.