1. DAM User Roles
Purpose of User Roles
User Roles in DAM determine what a user can see and do within the company and projects. They focus on project and company management, while asset-specific permissions are controlled via Gallery Roles.
You can invite users at the company level (access to all projects) or at the project level (access only to specific projects).
Standard User Roles
| Role | Scope | Permissions |
|---|---|---|
| Owner | Company-wide (only 1) | Full access to all DAM pages, assets, folders, and system settings, including Billing and Organization settings. Can manage all users. |
| Administrator | Company-wide | Same as Owner, except cannot create other Admins or promote a new Owner. |
| Manager | Company or Project | Access to all DAM pages and system settings except Billing and Company settings. Can manage lower-level users. Project-level Managers can manage users within their project only. |
| Developer | Company or Project | Access to DAM pages and selected System Settings (Metadata, Storage, Automations, DMO). Cannot access Billing or Organization settings. |
| Contributor | Company or Project | Can view and work with assets but cannot access system settings. Limited to Home and DAM menus (excluding Labels page). |
| Viewer | Company or Project | Read-only access: view Home, Assets, Folders, Favorites, and Sharebox. Cannot modify settings or content. |
| Accountant | Company-wide | Access only to Billing. Cannot access DAM, settings, or assets. |
Custom Roles
Administrators can create up to 5 custom roles.
-
Permissions can be defined for:
Home page
Top menu (DMO, Portals, Analytics)
DAM (Gallery menu)
DMO (Settings)
Organization & Project settings
Custom roles allow tailored access while respecting standard role hierarchy.
Users can manage others only if their role is higher than the target user.
User Invitation and Management
Click + Invite Users (supports single or bulk invites).
Enter Email, Role, Access scope (company or project).
Send the invite; pending invites can be resent or canceled.
Users can only manage lower-level users, except project-level Managers who can manage other Managers.
Review and update access periodically for security.
Managing User Attributes
Go to People → … → Manage User Attributes
Default attributes: First Name, Last Name, Email (cannot be deleted).
-
Add custom fields:
Text: Free text values (e.g., personal address)
Select-one: Drop-down with predefined options (e.g., region, job position)
2. Cloudimage User Roles
Cloudimage roles are not always documented officially, so here’s a practical breakdown based on platform behavior:
| Role | Scope | Permissions |
|---|---|---|
| Owner | Company-wide (only 1) | Full access to all tokens, settings, and billing. Global permissions. |
| Admin | Company-wide or token-specific | Can manage tokens, users, and settings. Cannot create another Owner. |
| Manager | Token-specific | Can manage tokens and users under their scope. Cannot access billing. |
| Accountant | Company-wide | Can access invoices and billing details only. Cannot modify tokens or settings. |
| Read Access | Token-specific | Can view token data but cannot edit or delete. |
| Write Access | Token-specific | Can upload or modify assets but may not manage users or billing. |
Note: Owners are always unique. Admins can be multiple but may have restricted scope. Accountants are strictly read-only for financial data. Managers and token-level users have access aligned with specific tokens.
If you have any questions or issues, please feel free to contact our Software Engineer and mention the following details:
- Token
- Short description of the issue (including URLs, screenshots, short video if available)
- Steps to reproduce the issue.
Comments
Please sign in to leave a comment.