User roles

Users within your Budibase environment can have a plethora of roles. It starts with development access and then can be fine-tuned in every application.

Access permission

There are 3 levels of access permission to be used within Budibase. You can configure this when creating a new user, or update this whenever you have Administration permission.

  • Basic
  • Development
  • Administration

Basic permission is when both development and administration are disabled. This means a user can only view applications, and not edit them.


Publish your applications to give users access

Basic users will only be able to view published applications. Publish your application to give users access.

Development permission allows the user to not just view all applications, but also edit them.

Administration permission allows the user to manage users and global settings. You must first enable development permissions before enabling administration permissions.

Changing permissions

Only admin users can edit user permissions. If this is the case, going to the homepage of your Budibase installation.

In the left-hand sidebar, you'll find a Manage > Users section to which you need to navigate.

Click on the user you want to change, and scroll down to configure Development and Administration roles.

Keep in mind the Administration role requires the Development role also to be enabled.

Once you're happy with your access change, you can close the screen. The permissions save automatically.

App specific roles

All users in your app without Admin permission will only see applications you give them access to. But not only can you configure which applications each user can see, you can also configure their role in each application.

There are several roles to choose from, which impact what the user will be able to do and see in your application based on the roles you've defined for each section inside your application.
Access levels can be set for your each of your screens.

Higher tier roles will be able to see everything lower tiers can see, plus their own role-specific elements. This means, an Admin role can see all the pages built for Power, Basic and Public roles.

1PublicCan see un-authenticated. Cannot be given to a user
2BasicLowest authenticated role
3PowerHas all permissions of Basic and Public, but not Admin
4AdminHighest authenticated role


Order matters!

The order of user role matters. Higher roles can see everything from lower roles as well as their own.

Adding custom roles

The core app roles cannot be deleted, however you can add and remove any number of custom roles if you need more granular access control.

Within your app, navigate to the Users table and click on Edit roles.

A modal will pop up to enter data into. Select Create new role.

Inherits Role determines the rank of your new role. In this case, a Super user will be able to access all screens of access level Super, Power, Basic and Public, but will not be able to access Admin app screens.

Base Permissions determines the read/write permissions of the role. Options include:

  • No permissions
2Read Only
  • Read data from queries, tables and views
  • Read
  • Write to tables
  • POST queries
  • Trigger automations
  • Read/Write
  • Read from the Users table