Role-Based Access Control
How JobsiteOn's role-based access control works, including the four built-in roles, their permissions, and best practices for role assignment.
What this guide covers
This guide explains how role-based access control (RBAC) works in JobsiteOn. You will learn about the four built-in roles, what each role can and cannot do, and best practices for assigning roles to your team.
The four built-in roles
Owner
Full access to everything. Only one Owner per workspace. The Owner is the person who created the workspace and has billing control.
Admin
Full operational access without billing. Admins can manage team members, settings, integrations, and all business data.
Dispatcher
Operational access for day-to-day work: scheduling, contacts, jobs, quotes, and invoices. No access to workspace settings, team management, or integrations.
Technician
Limited access scoped to assigned jobs and related contacts. Technicians see only their own schedule and job details.
Screenshot: A permissions matrix table showing the four roles as columns and permission categories as rows, with checkmarks indicating access.
Detailed permissions matrix
| Permission | Owner | Admin | Dispatcher | Technician |
|---|---|---|---|---|
| View dashboard | Yes | Yes | Yes | No |
| Manage contacts | Yes | Yes | Yes | View only |
| Manage jobs | Yes | Yes | Yes | Assigned |
| Manage schedule | Yes | Yes | Yes | View own |
| Create quotes and invoices | Yes | Yes | Yes | No |
| View reports | Yes | Yes | Yes | No |
| Manage team members | Yes | Yes | No | No |
| Workspace settings | Yes | Yes | No | No |
| Company settings | Yes | Yes | No | No |
| Manage integrations | Yes | Yes | No | No |
| Billing and subscription | Yes | No | No | No |
The principle of least privilege
Assign each team member the role with the fewest permissions needed for their work. This reduces the risk of accidental data changes and limits exposure if an account is compromised.
Animation: A visual showing a team of five people being assigned roles: one Owner, one Admin, one Dispatcher, and two Technicians.
Changing roles
- Go to
/settings> Workspace > Roles. - Find the team member in the list.
- Click their current role to open the role selector.
- Choose the new role.
- Click Save.
Role changes take effect immediately. The user may need to refresh their browser to see the updated permissions.
Tip: Review role assignments quarterly. As team members' roles evolve, their access should be updated to match.
Best practices
- Limit the number of Admins. One or two Admins is sufficient for most teams.
- Use Dispatcher for office staff. Dispatchers have enough access to manage daily operations without exposure to sensitive settings.
- Use Technician for field workers. This keeps their interface focused on their jobs.
- Never share credentials. Each person should have their own account with the appropriate role.
Note: Custom roles beyond the four built-in options are available on the Enterprise plan. Contact sales for details.
Related articles
Did this answer your question?