Back to Home

Permissions & Roles

Understand roles, permissions, and access control in True Record.

Access Control Overview

True Record uses a role-based access control (RBAC) system to manage what users can see and do. Each user is assigned a role that determines their permissions.

Standard Roles

True Record includes six standard roles. Organizations on Enterprise plans can also create custom roles with granular permissions.

Owner

Level 1

Full access to all features including billing, organization deletion, and owner transfer.

All permissionsBilling managementOrganization deletionOwner transfer

Admin

Level 2

Full access to all features except billing. Can manage users, settings, and all duplicate operations.

User managementAll settingsAPI keysSchedule management

Config Admin

Level 3

Can configure matching rules, field weights, and schedules. Cannot manage users or billing.

Configure matching rulesManage schedulesManage field weightsView all data

Member

Level 4

Can merge and dismiss duplicates, run scans, and perform day-to-day duplicate management tasks.

Merge recordsDismiss duplicatesRun scansBulk actions

Viewer

Level 5

Read-only access. Can view duplicate findings and scan history but cannot take any action.

View duplicatesView scan historyView reports

Auditor

Level 6

Read-only access focused on audit and compliance. Can view activity logs and merge history.

View activity logsView merge historyExport audit reports

Permission Categories

Record Management

view_duplicatesView duplicate findings
merge_recordsMerge duplicate records
dismiss_duplicatesDismiss duplicate pairs
bulk_mergeMerge multiple records at once
delete_recordsDelete records from Salesforce

Scanning

run_scansStart duplicate scans
create_schedulesCreate scheduled scans
manage_schedulesEdit or delete schedules
view_scan_historyView past scan results

Data Operations

import_dataImport CSV files
export_dataExport duplicate reports
enrich_recordsUse data enrichment
verify_recordsUse verification add-ons

Settings

manage_matching_rulesConfigure matching rules
manage_integrationsConfigure webhooks and integrations
manage_api_keysCreate and revoke API keys
view_settingsView organization settings

Administration

manage_usersInvite, remove, and change user roles
manage_billingAccess billing and subscription
manage_creditsPurchase and allocate credits
delete_organizationDelete the organization

API Scopes

API keys have scopes that limit what actions they can perform.

read

Read-only access to duplicates and scan results

write

Create scans, merge records, dismiss duplicates

admin

Full access including settings and user management

export

Export data and generate reports

Salesforce Permission Requirements

True Record requires certain Salesforce permissions to function. The connected user must have:

Required

Read on Lead, Contact, Account

Required to scan for duplicates

Modify on Lead, Contact, Account

Required to merge and update records

Delete on Lead, Contact, Account

Required for delete actions

Convert Leads

Required for Lead conversion actions

API Enabled

Required for Salesforce API access

Recommended

View All Data

Ensures all records are scanned

Modify All Data

Ensures all records can be merged

Frequently Asked Questions

How do I change a user's role?

Go to Settings → Team Members, find the user, and select a new role from the dropdown. You must have the manage_users permission.

Can I create custom roles?

Custom roles are available on Enterprise plans. Contact support to configure custom role permissions.

What happens if I remove a user?

Removed users immediately lose access to True Record. Their actions are retained in audit logs. Salesforce access is not affected.

Why can't I perform an action?

Your role may not have the required permission. Check Settings → My Profile to see your current role and permissions.

Back to Documentation