Authors: Brittany Firestone, Erin Keefe, Kelley Lozicki, Dr. KC Testerman and Chasina Worman

photo of iPhone, pen and pad

Why are Roles and Permissions Important to Consider?

In Canvas, roles and their associated permissions are highly customizable and flexible. As instructional leaders, it is important to take time to understand the available customizations before deciding how to set each permission. Strategically planning the use and customization of your account’s roles and permissions can help your organization increase Canvas usage, provide clearer visibility into what’s happening in your instance of Canvas and improve workflows.

Permissions are the privileges given to each role. The Account Admin role has all permissions enabled in Canvas by default. Course-level roles also have corresponding permissions enabled by default. As you create new roles in Canvas, you can customize the permissions given to each role.

You can create and manage both Account-level and Course-level roles. 

• Account level roles will be assigned to users who have Admin permissions in Canvas 
• Course level roles will be assigned to users who are enrolled in a course in Canvas 

Canvas comes with the following roles pre-built:

New Permission Granularity

If you haven’t revisited your permissions lately, you may want to! Many of the permissions were given additional granularity. As an example, Manage Course Content was updated so that instead of the permission being “Course Content - Add/Edit/Delete,” each of those permissions is now broken apart and can be granted separately. 

How Can you use Roles and Permissions?

Roles and permissions created at the root-account level will trickle down into the sub-accounts. Customized sub-account Admin Roles can be created and assigned specific permissions. You have the ability to lock a permission so it cannot be changed at the sub-account level. 

We recommend thinking of the roles as “what you need the users to do in Canvas,” and not what their title is at your institution. Below are some ideas for roles you may want to create at various account levels. 

Root Account

Consider keeping your root Account Admin Role assignment very limited. Remember, those with full root Account Admin access can control everything in your Canvas instance. 

Build any additional account roles at the root account, so that they are available in all of your sub-accounts, then assign and customize them at the sub-account level. 

Sub-account

Each sub-account has its own permissions page, so admins can create account-level roles within a sub-account and add sub-account permissions directly within that sub-account.

Create customized sub-account admin roles for:

• Principals, assistant principals, deans, and department chairs - allow easier access to courses for observations, supervision, and data analysis
• Instructional coaches, academic advisors, instructional designers, guidance counselors, and special education teachers - allow easier access to many different courses
• Tech support - allow easier view access for your technical support person to problem solve in many different courses

Courses

Some institutions create additional course-level roles. One example we frequently see is the role of the Non-Editing Teacher. This is great for those who would like to add their colleagues to their courses in a view-only capacity.

Image of course role permission edit in Canvas

Best Practice Recommendations 

Now that you have acquired a basic understanding of Roles and Permissions in Canvas, see the following best practices and recommendations to keep in mind.

Cleaning up and Monitoring of Roles 

Roles and Permissions isn’t a set-it-and-forget-it area of your Canvas instance. We recommend that you document the roles and permissions you create, as well as who you have assigned them to. Then, set a schedule to review them to ensure that any changes or updates are made and that they are assigned to the appropriate users.

Scalability

Keep it small. A large number of custom roles and permissions means additional planning, training, and support. Too many roles can make it difficult to manage SIS feeds, provide a consistent user experience across the institution, or create clear and concise help documentation. When a new need arises, evaluate the existing roles before deciding to create a new custom role. Is there a role that comes close to meeting the needs? If so, are there compromises or concessions to be made?

Err on the Side of Caution

Finally, here are a few suggestions for implementing new roles and permissions in Canvas.

• Don’t forget your Beta instance! Test new roles and permissions there first.
• Looking to introduce a brand new role? If your timeline allows, conduct a small pilot with a group of trusted users to test the role and provide feedback on whether or not it meets their needs.
• It is much easier to grant permissions than to take them away. Err on the conservative side -- especially when it comes to granting Account-level Permissions, or access to grades and user information. Trust that the need for more access will surface if it exists.

Download this sample School Sub-Account Admin Roles document.

Image of permissions guide

Would you like to know more about how you can build and continue to maintain your Canvas instance with all of the best practices and updates? Check out our new Canvas Certified Technical Admin program.