#Role Reference
| Role | Access Level |
|---|---|
| Client Admin | Full customer access across available customer surfaces |
| Client Manager | Broad review access, with view-only access for most operational settings |
| Client Staff | Limited access to calls, support, status, and personal settings |
#Overview
Every AiDial portal user is assigned a role that determines what they can see and do. This page provides a quick reference for the three customer roles. For detailed information about how roles are assigned, see Roles and Permissions.
Access is enforced by the portal for each signed-in session. The browser uses your portal session, and you do not need to enter or send an API key.
Navigation visibility is a convenience, not the security boundary. If a direct link is outside your role, tenant, or project scope, the portal blocks access without exposing cross-tenant identifiers.
#Customer Roles
#Client Administrator
The primary administrative role for your organisation. Client administrators can view customer dashboards, calls, support tickets, status, billing, audit log, and settings. They can manage team members, manage team member session access, edit available operational settings, submit data deletion requests, and request PII unlock from call detail.
Recording playback and download still depend on server-side policy, consent and compliance state, media availability, project scope, and the relevant tenant entitlement.
Multi-factor authentication: Not mandatory by role, but it may still be required by an explicit tenant or user policy.
#Client Manager
A senior role with broad visibility but limited management capabilities. Client managers can view customer dashboards, calls, support tickets, status, billing, audit log, settings, and team information. They can request PII unlock from call detail.
Client managers cannot invite users, change team membership, edit most operational settings, manage team member sessions, or submit data deletion requests. Recording playback and download still depend on server-side policy, consent and compliance state, media availability, project scope, and the relevant tenant entitlement.
Multi-factor authentication: Not mandatory by role, but it may still be required by an explicit tenant or user policy.
#Client Staff
A standard user role for day-to-day operational access. Client staff can view project-scoped calls with caller details redacted, view support tickets, view shared service status, view report delivery history, and manage their own profile, notification preferences, and sessions.
Client staff cannot access billing, team management, audit logs, PII unlock, data deletion requests, or most operational settings. Staff recording playback depends on tenant policy; recording download is not available to staff.
Multi-factor authentication: Not mandatory by role, but it may still be required by an explicit tenant or user policy.
#Feature Access Comparison
| Feature | Client Admin | Client Manager | Client Staff |
|---|---|---|---|
| Dashboard | Full | Full | Full |
| Call history and detail | Full | Full | Caller details redacted |
| Recording playback | Policy-gated | Policy-gated | Staff playback policy-gated |
| Recording download | Entitlement and policy-gated | Entitlement and policy-gated | No |
| Support tickets | Yes | Yes | Yes |
| System status | Yes | Yes | Yes |
| Billing overview and invoices | Yes | Yes | No |
| Billing portal | Yes | Yes | No |
| Team - view members | Yes | View only | No |
| Team - invite and manage | Yes | No | No |
| Team member session management | Yes | No | No |
| Settings - profile | Edit | Edit | Edit |
| Settings - notifications | Edit | Edit | Edit |
| Settings - report history | View | View | View |
| Settings - business hours | Edit | View summary | Unavailable |
| Settings - call limits | Edit | View summary | Unavailable |
| Settings - security/IP allowlist | Edit | View summary | Unavailable |
| Settings - compliance copy / collection notice | Edit | View summary | Unavailable |
| Settings - transfer settings | Edit | View summary | Unavailable |
| Settings - tenant settings | Edit | View summary | Unavailable |
| Settings - data governance | View detail | View summary | Unavailable |
| Settings - own session management | Yes | Yes | Yes |
| Settings - data deletion | Submit/cancel and view | View only | No section |
| PII unlock requests | Submit/view | Submit/view | No |
| Audit log | Yes | Yes | No |
| MFA required by role | No, unless explicitly required | No, unless explicitly required | No, unless explicitly required |
Rows marked policy-gated still require server-side tenant/project scope, consent and compliance state, media availability, and the relevant tenant entitlement. "Unavailable" means the settings section may render a restricted or unavailable state if reached, but it does not provide read or edit access.
#Sidebar Differences
The customer sidebar changes based on role:
- Client Admins and Client Managers see Dashboard, Calls, Support, Audit Log, Billing, Settings, and Status.
- Client Staff see Dashboard, Calls, Support, Settings, and Status.
Team access is available to Client Admin and Client Manager users when the Team surface is enabled. Customer-facing consent and collection notice copy is managed through Settings - compliance copy / collection notice.
#Related Pages
- Roles and Permissions - detailed role descriptions
- Multi-Factor Authentication - MFA setup and management
- Getting Started - first-time portal orientation