Skip to content

Roles & Permissions

Roles & Permissions

Roles define what users can do in Stratos. This article provides a detailed reference for each built-in role and the specific permissions it grants.

Read-only access across the platform.

AreaPermission
ScreensView screens and their status. Cannot authorize, edit, or send commands.
LayoutsView published layouts. Cannot create or edit.
PlaylistsView playlists. Cannot create or edit.
SchedulesView schedules. Cannot create or edit.
MediaView media library. Cannot upload, edit, or delete.
ReportsView reports and proof of play.
UsersCannot access user management.

Can create and edit content.

AreaPermission
ScreensView screens. Cannot authorize or send commands.
LayoutsCreate, edit, and publish layouts.
PlaylistsCreate and edit playlists.
SchedulesCreate and edit schedules.
MediaUpload, edit, and organize media. Cannot delete.
ReportsView reports.
UsersCannot access user management.

Full content control plus screen management.

AreaPermission
ScreensAuthorize, edit, and send commands to screens.
LayoutsFull layout management.
PlaylistsFull playlist management.
SchedulesFull schedule management, including overrides.
MediaFull media management including delete.
ReportsView and export reports.
UsersCannot manage users or roles.
FoldersCreate and manage folders within granted access.

Focused on day-to-day screen operations.

AreaPermission
ScreensView status, send commands (Collect Now, Restart, Reboot), request screenshots.
LayoutsView only.
PlaylistsView only.
SchedulesView only.
MediaView only.
ReportsView proof of play and uptime reports.
UsersCannot access user management.

Unrestricted access.

AreaPermission
All contentFull management of screens, layouts, playlists, schedules, and media.
UsersInvite, edit, and remove users. Create and edit roles.
SystemConfigure system settings, navigation overrides, and integrations.
BillingView and manage account billing (if applicable).

Administrators can create custom roles that combine specific permissions. See Managing Roles for details.

When a user has multiple roles, their effective permissions are the union of all role permissions. If one role grants “edit layouts” and another grants “delete media,” the user can do both.

Roles determine what you can do. Folder grants determine where you can do it. Even with the Manager role, you can only manage content in folders you have access to.