The following roles can be assigned to users each providing their specific level of access to a user.

Administrator

An administrator has read and write access to all parts of the system, including (but not limited to) the ability to see all transaction details and perform refunds, configure connections and Flow rules, manage API keys, and control the access of admin and non-admin users.
An administrator does not need any other roles assigned, as it has access to the combined permissions of all other roles. In a multi-merchant environment, and administrator will have access to all merchant accounts.

Analyst

An analyst can view transactions, including the payment method and buyer details. This role is great for a user that is looking to perform analysis over transactions but is not expected to perform any actions on transactions, like performing a refund. By default, this role has no access to billing details, shipping details, and reports. Additional permissions can be configured for this user.
Additional permissions can be configured for this role to grant access to reports and billing details.

Customer Support

A customer support user can view and manage transactions, including the ability to perform refunds, voids, and captures. This role is great for a customer support agent who needs insight across all transactions and is expected to perform a refund, void transactions or capture an authorization. By default, this role has no access to billing details, shipping details, and reports. Additional permissions can be configured for this user.
Additional permissions can be configured for this role to grant access to reports and billing details.

System Manager

A system manager can view and manage connections and Flow rules. This role is suited for a payment manager who needs the ability to manage connections to payment services, anti-fraud services or configure Flow rules.

System Support

A system support user has view-only access to connections and Flow rules. This role is great for a support agent who needs to inspect the configuration of Connections and Flow rules to understand how a transaction was processed.

User Manager

A user manager can manage users, including the ability to invite new users, reset passwords, assign roles, and remove users. Please note that a user manager will need to be assigned additional roles to allow them to assign those roles to other users. For example, if the user is generated with only the User Manager and Analyst roles, then the user manager will only be able to assign other users the analyst and user manager roles. They will not be able to assign them any other roles.