# Access Permissions for Admin UI

You can control which Admin UI features are available to different users by assigning permissions to roles. This allows you to restrict access so users can only view (read) or modify (write) specific features.

## Default Roles

Two default roles are available:

* **`connectware-admin`** - Full access to all features and operations. Users with this role can view and modify everything.
* **`minimum-access`** - Limited access for users who only need to view specific information. See the full list of accessible features:

{% content-ref url="access-permissions-for-admin-ui/minimum-access-role-pages" %}
[minimum-access-role-pages](https://docs.cybus.io/2-1-0/documentation/user-management/access-permissions-for-admin-ui/minimum-access-role-pages)
{% endcontent-ref %}

## Custom Permissions

You can create custom permission sets beyond the default roles. To do this, assign specific HTTP and MQTT paths to a role, then assign that role to your users.

For a complete reference of which permissions are needed for each Admin UI page and operation, see:

{% content-ref url="access-permissions-for-admin-ui/ui-access" %}
[ui-access](https://docs.cybus.io/2-1-0/documentation/user-management/access-permissions-for-admin-ui/ui-access)
{% endcontent-ref %}