# Roles and Permissions
Replica uses role-based access control. Assign one or more roles to each user to define their access.
Users inherit the combined permissions of all assigned roles.
## Roles Overview
| Role | Description |
| --------- | --------------------------------------------------------------------------------------- |
| Core | The standard set of permissions for a typical Replica User |
| API | A set of permissions that grant API access and access to Replica Jobs |
| Isolation | A limited set of permissions to trigger a VE creation and launch it |
| Guest | Limited access to interact with existing VEs only |
| Admin | An administrative set of permissions granting full access and visibility within Replica |
| Audit | A set of permissions for access to audit, log, and monitoring data |
## Replica Core Functionality
| | Core | API | Isolation | Guest | Admin | Audit |
| ------------------------ | :--: | :-: | :-------: | :---: | :---: | :---: |
| Use Environments | X | | | X | | |
| Manage Environments | X | | | | | |
| Quick-Launch Environment | X | | X | X | | |
| Manage Enclaves | X | | | | | |
| Manage File Requests | X | | | | | |
| Manage Jobs | | X | | | X | |
| Manage Profiles | X | | | | | |
| Manage Self | X | X | X | X | X | X |
| Receive Notifications | X | | X | X | X | X |
| Use External Links | X | | | X | X | |
| Use Phone Numbers | X | | | | | |
| Use Profiles | X | | | | | |
| Use Zones | X | | | | X | |
| View Images | X | | | | X | |
## Platform Administration
| | Core | API | Isolation | Guest | Admin | Audit |
| ----------------------------- | :--: | :-: | :-------: | :---: | :---: | :---: |
| Access Logging | | | | | X | X |
| Access Monitoring | | | | | X | X |
| Manage Advanced Configuration | | | | | X | |
| Manage External Links | | | | | X | |
| Manage Groups | | | | | X | |
| Manage Hardware Devices | | | | | X | |
| Manage Images | | | | | X | |
| Manage Notifications | | | | | X | |
| Manage Phone Numbers | | | | | X | |
| Manage Proxies | | | | | X | |
| Manage Routers | | | | | X | |
| Manage SMS Devices | | | | | X | |
| Manage Storage | | | | | X | |
| Manage Telephony Providers | | | | | X | |
| Manage Translation | | | | | X | |
| Manage Users | | | | | X | |
| Manage Zones | | | | | X | |
| Read Swagger Docs | | | | | X | |
| Modify Global Assignments | | | | | X | |
| Modify All Data | | | | | X | |
Modify Global Assignments
Resources assigned to `Global` are visible to all users. Only admins can assign resources to or from `Global`.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.replicacyber.com/admin-guide/user-management/roles-and-permissions.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.