Access Roles

Using Access Roles helps you keep your entire labeling system secure. You can choose exactly what the members of your Access Roles can do and see in Control Center and other Loftware modules within Loftware Cloud products.

Learn how to manage Access Roles and Permissions

Use the Users > Access Roles page in Control Center to set User Privileges for your labeling system according to your own specific security policies. Access Roles allow you to assign different sets of privileges to Control Center users.

Control Center includes default access roles with well-balanced permission sets:

[Note] Note

These default Access Roles have preset ranges of privileges. You can manually change the default permissions for each role except for the Administrator role.

  • Administration: All permissions granted. Members in this role have full Control Center privileges. Administrators can edit default roles, customize roles, and assign roles to users or groups.

  • Approver: Allows role members to review, approve, or reject labels or solutions in Document Storage. Approvers send documents to production.

  • Approver (second level): Allows role members to review, approve, or reject documents on the second document approval step. Approvers send documents to production.

  • Author: Allows role members to create or edit label templates and solutions. Members in this role can edit labels and forms, and have control over label production.

  • Operator: Allows role members to print labels and run solutions without editing. Members in this role have read-only access to Document Storage and cannot change any label templates or application configurations.

  • Service Provider: Allows your service provider to access your account for support, setup, and administration. This role has no members by default.

  • Cloud Integrator: Allows cloud integrators to access the Documents storage only. Cloud integrators use Cloud APIs, but for testing purposes, cloud integrators can also use Control Center UI.

Example 25. Example

John needs full access to Documents storage to upload printing solutions and make them available for production. Set John's Access Role to Author.

Annie needs access to the Reports page to prepare reports on printing consumables. You can assign Annie to any default Access Role.

Charlie is a printer operator. He only runs solution files in runtime mode and prints labels. Set Charlie's Access Role to Operator.

Martha is an account administrator. She needs access to all administrative features. Martha belongs to the Administrator Access Role.


To learn how to edit default Access Roles or add new Access Roles, read Setting up Access Roles.

Multiple Access Role membership

If your users or user groups are members of multiple Access Roles, their overall security access sums up privileges of all access roles.

When your users are members of two Access Roles, Control Center grants them privileges from their highest Access Role and overrides privileges denied in other roles.

Example 26. Multiple Access Role membership

Charlie is a member of Operator and Author Access Roles. His Operator role grants him read-only access to files stored in Documents, but his Author role grants him full access to Documents. In this case, Charlie has full access to Documents.