In addition to assigning roles at the organization level, roles can be assigned at the site level. The user or application then inherits only the role's permissions for that specific site. It is not possible to grant user-specific permissions at the site level.
Not all permissions can be granted at the site level, such as user management permissions.
Steps
Follow the next steps to start applying roles at the site level:
Get informed
Before you begin, read the articles in Roles to learn more about creating roles. Read Roles and site access to learn more about assigning roles and what permissions result when you assign roles that contain both site-specific and organization-wide permissions at the organization and site levels.
Manage roles
Create a clear plan for establishing roles within your organization. Consider the permissions you want to assign to your users at the site level going forward.
Delete unused roles that you do not plan to use. Find unused roles by going to the Roles tab and clicking each role to check whether it has any members. Role members only show roles assigned at the organization level. Roles assigned at the site level can only be viewed per user. Therefore, perform this cleanup action before assigning roles at the site level.
Create new roles that you plan to assign at the site level, containing the desired site-specific permissions.
Adjust existing roles so that they only contain permissions that you want to be granted at the organizational level.
Assign roles
Assign roles to all users individually according to your plan. At the organization level, you can assign roles both via the Users tab per user and via the Roles tab per role. At the site level, you can only assign roles per user via the Users tab: click a user in the Users tab, then click the three dots button, and finally click Assign roles