Custom roles: Governing data field access

Jake Sawyer

Updated June 05, 2026 20:15

Custom roles allow you to govern which members can create, edit or delete the master data you use throughout your Productboard workspace. This helps you more closely map your workspace members' roles in Productboard to their responsibilities in your organization.

Custom roles also allow you to govern which fields members can update on a feature. This helps you more closely map your workspace members' roles in Productboard to their responsibilities in your organization.

You can now create new maker roles and define how they interact with Productboard to fit your organizational structure and internal processes. Roles can always be updated from the Members page but may affect how much you pay. We'll let you know if so.

Note: Custom roles require an Enterprise+ plan. If you're on a regular Enterprise plan, please contact your account team to discuss upgrading.

Pricing and impacted seats

Productboard has four “out of the box” base roles:

Admin (paid)
Maker (paid)
Contributor (unpaid)
Viewer (unpaid)

You can also create custom roles, which are instances of maker seats.

Note: Sharing a board with a maker will also share it with anyone that is assigned a custom role.

What can be customized?

You can now define a custom role, which is a variation of the maker role. You can give custom roles their own names and remove certain capabilities from them.

Data field access

You can restrict custom roles from the following actions:

The creation of certain data fields.
The editing of certain data fields.
The deletion of certain data fields.

The data field types that can be restricted are:

Objectives	Key results	Initiatives	Custom fields
Products	Components	Features	Subfeatures
Segments	Companies	Users	Drivers and Scores
Tasks	Tags	Release groups	Releases
Teams	Themes	Topics

Note: SSO/SAML updates to leverage custom roles are not included.

Data field restrictions within feature details

All data fields that are visible on a feature can be restricted. This allows you to tailor a role to a specific persona and their responsibilities within your organization by hiding irrelevant fields.

Here are some sample personas and use cases:

Targeted Persona	Sample Use Case
Engineering Managers/Leads/Developer	As a Product Operations Director I would like my Engineers to only update Feature Timeframe, Effort, and other Engineer relevant fields So that I can ensure data health & maintain data governance
UX Designers	As a Product Operations Director I would like my Designers to only be able to update Feature Descriptions and add attachments

Creating a custom role

Only admins can create custom roles.

To create a custom role:

From the Main menu, click More > Settings > Roles.
Click Create custom role to begin defining a new one.

Note: There is currently no limitation on the number of roles that can be created.

Defining a custom role

To define a custom role, first give it a name, and a description if needed.

Then select its capabilities on the Data table. By default, the role will be able to create, edit, and delete all data field types. Simply uncheck a box to prevent the role from being able to create, edit, or delete that row's data field type.

Once you’ve given the role a name and defined its capabilities, click Create to complete the process.

Reviewing roles

Once you’ve created a role, it will appear on the Roles page. From here, you can see all the custom roles you’ve created, along with how many members have been assigned each role.

You can click on a role to review and edit its capabilities. When editing an existing role, you can either discard your changes or save them. You can also click the ••• More actions button to delete the custom role.

Reviewing roles as a non-admin

Even non-admins can click on roles to review them, though they can't make any changes. This allows them to see the definition of each role in your workspace, which can clarify to members what their role is and why they don’t have access to specific capabilities. For further clarity, the member will also see who created the role and when it was last updated.

Assigning a member to a role

Once you’ve created a custom role, you'll need to assign members to it.

To assign a custom role:

From the Main menu, click More > Settings > Members.
Click the button to the right of a member's name to open the role assignment dropdown.
Update the role associated with a given member.

Note: You can actually create a new custom role from here too. Just click the + Plus button beside the Custom Roles section in the role assignment dropdown. Doing so will not automatically assign the new role to the originally-selected member.

You can also adjust a member's role from their Account info page. Click on the member's name, then update their Role field.

Custom roles with SCIM

After you've added your custom roles in Productboard, you can create a matching role in your identity provider with the same workflow used to configure Productboard’s base roles (admin, maker, contributor, and viewer). Click on an identity provider below to view linked instructions and screenshots.

Note: Custom role names are case sensitive. When creating custom roles in your identity provider, make sure to match their names exactly to the custom roles you created in Productboard.

Okta

For provisioning Okta SCIM: Setting up SCIM provisioning with Okta

For setting up the base roles: Configuring Productboard roles in Okta correctly

The role name needs to follow this format: “maker_Case Sensitive Custom Role Name”, where maker_ is the base role for the custom role. Currently the only base role available is maker_, but other base roles (admin_, contributor_, viewer_) may be available in the future.
The role name can include spaces. Include them in the string normally. For example, “maker_my new role” will work just fine.

Microsoft Entra ID (formerly Azure AD)

For provisioning Microsoft Entra ID and setting up the base roles: Setting up SCIM provisioning with Microsoft Entra ID

The role name needs to follow this format: “maker_Case Sensitive Custom Role Name”, where maker_ is the base role for the custom role. Currently the only base role available is maker_, but other base roles (admin_, contributor_, viewer_) may be available in the future.
The role name can include spaces. Include them in the string normally. For example, “maker_my new role” will work just fine.

If you've provisioned SCIM properly, you should now be able to assign custom roles from your identity provider and have them update in Productboard right away.

SCIM Troubleshooting

Here are some common failure responses that could be displayed in your identity provider and how to solve them:

Role with base role '%baseRole%' and custom role '%customRole%' was not found.

Make sure the custom role is defined in Productboard.
Make sure the role name in the identity provider follows the correct format of MAKER_customrolename.
Make sure to use “MAKER” as the base role.
If there are spaces in the custom role name, be sure to include them (i.e. “MAKER_my new role”).

Role '%baseRole%' is not a valid role.

Make sure to use “MAKER” as the base role.

Member '%id%' was not found.

Member is not found in the system. Contact Productboard support if error persists.

Entity action definitions

Here are precise definitions for each available restriction you can place on a custom role.

Entity	Create	Edit	Delete
Objective	The ability to create a new objective.	The ability to edit the attributes on an objective.	The ability to delete the objective entirely.
Key result	The ability to create a new key result.	The ability to edit the attributes on a key result.	The ability to delete the key result entirely.
Initiative	The ability to create a new initiative.	The ability to edit the attributes on a initiative.	The ability to delete the initiative entirely.
Product	The ability to create a new product.	The ability to edit the attributes on a product, as well as creating/editing/deleting the child entities of a product (component, feature, subfeature).	The ability to delete the product entirely.
Drivers and prioritization scores	The ability to create a new driver or score.	The ability to edit the driver name and description. You can still associate a driver with a product and comment on the driver. The ability to edit the prioritization score name, description, effort and driver(s). You can still associate a prioritization score with a product and comment on the prioritization score.	The ability to delete the driver or prioritization score entirely.
Release groups and releases	The ability to create a new release group. When deleting the release group all contained releases are deleted as well.	The ability to edit the release group name, and description, and add/edit/delete a new release within the Release group. You can still associate a release group with a product.	The ability to delete the release group entirely.
Tasks	The ability to create a task.	The ability to edit the task name, and description, and add/edit/delete values on the task. You can still associate a task with a product and comment on the task.	The ability to delete a task. When deleting a task all contained values are deleted as well.
Tags	The ability to create a new tag.	The ability to edit the tag name and description. Including the ability to merge a tag.	The ability to delete a tag.
Custom fields	The ability to create a new custom field.	The ability to edit the custom field name and description, and add/edit/delete Values on the custom field (where applicable). You can still associate a custom field with a product andcomment on the custom Field.	The ability to delete a custom field.
Users	The ability to create a new user.	The ability to edit the attributes of a user.	The ability to edit the attributes of a company.
Companies	The ability to create a new company.	The ability to edit the attributes of a company.	The ability to delete a company.
Segments	The ability to create a new segment.	The ability to edit a segment.	The ability to delete a segment.
Teams	The ability to create a new team.	The ability to edit a team.	The ability to delete a team.
Themes	The ability to create a new theme.	The ability to edit a theme.	The ability to delete a theme.
Topics	❌ Unavailable. Topics can only be created by AI.	The ability to merge one topic into another topic.	The ability to delete a topic.