Permissions
Enjo's permission system gives you fine-grained control over what users can view, manage, and configure across your workspace. Permissions are applied through roles: either the six default roles or custom roles you create.
This article is a complete reference for all permissions available in Enjo, grouped by module. For information on how roles work, see User Roles. For how to create roles with specific permissions, see Custom Roles in Enjo.
Before You Begin
Only Owner and Admin roles can manage users and assign permissions.
Only Owners can grant the Owner role to another user.
There must always be at least one Owner in the workspace. The last Owner cannot have their role changed or be removed.
Permission changes take effect immediately for all users assigned to the updated role.
Module-wise Permission Reference
1. AI Agent
Controls access to AI Agent creation and configuration.
Permission | What it controls |
Manage AI Agents | Full control over AI Agent creation, updates, knowledge indexing, ticketing configuration, and channel configuration. |
2. Agent Assist
Controls access to the Agent Assist configuration and widget.
Permission | What it controls |
Manage Agent Assist | Configure Agent Assist connections and behavior. Grant access to configure and manage settings for Agent Assist. |
Access Agent Assist | Allow users to access the Agent Assist widget inside the connected helpdesk application. |
3. Automation Tools
Controls access to automation features across the workspace.
Permission | What it controls |
Manage Automation Tools | Create, update, and delete all automation tools including Emoji Actions, Alerts, Commands, Approvals, and Swarm Rooms. |
4. Inbox
Controls access to conversations and inbox configuration.
Permission | What it controls |
Manage Inbox Settings | Restrict who can manage settings for channel inbox and connected AI Agents. |
Access Conversation | View, search, and reply to any conversation in the inbox. |
Access Assigned Conversation | Restrict view and response access to conversations directly assigned to the user. |
5. Reports
Controls access to analytics and reporting.
Permission | What it controls |
Manage Reports | Create new reports, edit existing ones and apply filters. |
View Reports | Read-only access to pre-configured or shared reports. |
6. Settings
Controls access to workspace configuration and administration.
Permission | What it controls |
Manage Users and Roles | Invite new users, assign or modify their roles, and deactivate accounts. |
Manage Access Tokens | Set up API tokens for integrations with third-party tools. |
Manage Workspace Settings | Access all workspace configurations including language, notifications, connected apps, and integrations. |
Manage Billing | Access subscription details and update plans and payment methods. |
Note: Billing and Settings access should only be granted to trusted workspace administrators. Plan-specific permissions reflect your workspace's pricing tier.
Security Considerations
Only Owners can grant the Owner role to another user. Attempting to assign the Owner role without Owner-level access will be blocked by the system.
There must always be at least one Owner in the workspace. If only one Owner exists, their role cannot be changed or removed.
Billing access is exclusive to the Owner role by default and should only be extended to highly trusted admins.
Removing a user's role or suspending their account takes effect immediately.
What's Next
User Roles: Review the six default roles and their default permission sets.
Custom Roles in Enjo: Create and assign custom roles with a specific combination of permissions for your workspace.
Invite Users: Add new members to your workspace and assign them a role during onboarding.
