Roles and permissions in your app
Give different users different access levels — admins, editors, viewers, custom roles.
Most apps need at least two types of users: admins (who can do everything) and regular users (who can do a subset). OverSkill makes that easy.
Default roles
Out of the box, every new app has two roles:
- Owner — you. Full access to everything, including billing and settings.
- Member — regular signed-up users. Can do what you've set as the default.
Adding more roles
Most apps benefit from a third or fourth role. Tell the AI:
Add an
Editorrole. Editors can create and edit content but not delete it or invite new users.Add three roles: Admin (full access), Editor (create + edit), Reader (view-only).
Per-page permissions
Once roles exist, you can gate any page or button:
Only Admins can see the Settings page.
Editors can click the
Publishbutton, but Readers can't.Make the Users page Admin-only.
Assigning roles to users
Three options:
- Manual assignment — in the editor sidebar → Users, pick a user and change their role
- Self-selection at sign-up — users pick their role when they create an account (good for marketplaces with sellers + buyers)
- Automatic by domain — users from
@yourcompany.comget Admin automatically (good for team tools)
Describe what you want and the AI sets it up.
Changing a user's role later
Open Users → click the user → change Role → save. Their access updates within seconds.
Promoting users automatically from inside your app
Sometimes you want a user to move up a tier on their own — for example, someone redeems an access code, joins a group, or completes onboarding, and should instantly get the upgraded role with no manual step from you.
Your app can do this for you. Tell the AI:
When someone redeems a valid access code on the Claim page, automatically give them the
Member Plusrole.After a user finishes onboarding, promote them to
Verifiedso they get the higher limits.
The AI wires the promotion into your app directly. The user is upgraded the moment the action happens — if they're already signed in their access updates within seconds, and if they haven't signed in yet, the role is waiting for them the first time they log in. No more the owner has to notice and bump everyone manually.
What roles can't do
Roles control what users can SEE and DO inside your app. They don't change billing — only the owner can manage subscriptions and add seats.
What to read next
- How your app's users sign up — the broader auth setup
- Restricting access to paid users — gate by payment status