docs-mintlify/admin/users-and-permissions/roles-and-permissions.mdx
Cube has four built-in default roles: Admin, Developer, Explorer, and Viewer. Each role has specific permissions and access levels designed to support different responsibilities within the platform.
The Enterprise tier allows creation of custom roles with a customized set of permissions tailored to your organization's specific needs.
| Permission | Admin | Developer | Explorer | Viewer |
|---|---|---|---|---|
| Manage users and account settings | ✅ | ❌ | ❌ | ❌ |
| Manage deployments and their settings | ✅ | ✅ | ❌ | ❌ |
| Edit semantic model | ✅ | ✅ | ❌ | ❌ |
| Execute SQL queries against data sources | ✅ | ✅ | ❌ | ❌ |
| Explore and query semantic models | ✅ | ✅ | ✅ | ❌ |
| Create and edit workbooks | ✅ | ✅ | ✅ | ❌ |
| View published dashboards | ✅ | ✅ | ✅ | ✅ |
| Export data from dashboards (CSV, PDF, PNG) | ✅ | ✅ | ✅ | ✅ |
| Access Analytics Chat | ✅ | ✅ | ✅ | ✅ |
| Query from external tools (Tableau, Power BI) | ✅ | ✅ | ✅ | ✅ |
Admin roles are billed at the developer rate.
</Info>Agents are connected to Semantic Model Deployments and inherit the permission level of the user they are operating under.
Each agent can be configured to use the Restrict Views feature which allows to select the views that are visible to the agent. This feature should not be used as a security measure. Configure access policies instead.