> ## Documentation Index
> Fetch the complete documentation index at: https://docs.dfns.co/llms.txt
> Use this file to discover all available pages before exploring further.

# Define and assign roles

> Give your users the right level of access to the Dfns features and secure your organization by defining a clear set of reusable roles.

Roles are a whitelist of permissions that a user will be allowed to use. Please refer to the complete documentation for more details, including the full list of permissions: [permissions overview](/core-concepts/roles-and-permissions#list-of-permissions)

<Steps>
  <Step title="Create a new role">
    Head to the Permissions page: `Settings > Permissions` (direct link: [https://app.dfns.io/permissions](https://app.dfns.io/permissions)). Then click "Create Role".

    <Frame>
      <img src="https://mintcdn.com/dfns-6d8c7466/C-QxugfNcolBADI3/images/Permissions01.png?fit=max&auto=format&n=C-QxugfNcolBADI3&q=85&s=40753487bd6ab164416f3a5efb56e0cb" alt="" width="2236" height="1646" data-path="images/Permissions01.png" />
    </Frame>
  </Step>

  <Step title="Define the authorized permissions">
    Give a name to your role, in our example: "Approver", a user whose only job will be to validate transactions. Select the permissions as shown below:

    <Frame>
      <img src="https://mintcdn.com/dfns-6d8c7466/C-QxugfNcolBADI3/images/Permissions02.png?fit=max&auto=format&n=C-QxugfNcolBADI3&q=85&s=ce3b99effac63b4465e3fa644972e773" alt="" width="2236" height="1646" data-path="images/Permissions02.png" />
    </Frame>

    <Info>
      Some permissions here are not directly related to approving transactions, but are required to use the dashboard.
    </Info>

    Then create and 🔑 sign the operation with your passkey.

    <Check>
      You have successfully created a new role! It's now usable with any user (employees, service accounts, etc).
    </Check>
  </Step>

  <Step title="Assign the role to users">
    Head back to the users list Org > Users (direct link: [https://app.dfns.io/users](https://app.dfns.io/users)) and select the user you need to assign the role to. Click "Add Role" and select your newly created role. Confirm and 🔑 sign the operation with your passkey.

    <Frame>
      <img src="https://mintcdn.com/dfns-6d8c7466/C-QxugfNcolBADI3/images/Permissions03.png?fit=max&auto=format&n=C-QxugfNcolBADI3&q=85&s=c5f191aaa9e278772179f3d333108747" alt="" width="2236" height="1646" data-path="images/Permissions03.png" />
    </Frame>

    <Check>
      Your user is now able to approve transactions!
    </Check>
  </Step>
</Steps>

<Check>
  You can now create as many roles as you need to enforce the least privilege principle in your organization.
</Check>

You can now head to the next step: [Create Policies](/introduction/quickstart/3-create-policies)