Ethos gives you fine-grained control over what each team member can see and do. Rather than choosing between Admin and Learner, you can assign specific roles that match each person's responsibilities — so they have exactly the tools they need, and nothing more.
| Already an Admin? Nothing changes for you. Admins automatically have all permissions. The new roles are designed for situations where you want to delegate specific responsibilities without granting full admin access. |
Available Roles
The following roles can be assigned individually or combined into a permission set.
| Role | What they can do |
|---|---|
| Course Editor | Create and edit courses, lessons, and quizzes in draft. Can view answer keys. |
| Course Publisher | Approve and publish draft content. Cannot edit content directly. |
| Tasklist Editor | Create and edit task lists in draft. |
| Tasklist Publisher | Publish task lists from draft to active. |
| Enrollment Manager | Assign courses to users and groups; create and manage enrollments. |
| User Manager | Create accounts, bulk import rosters, manage learning groups and org attributes. Cannot manage permission sets. |
| Learner Manager | Create and manage learner accounts, edit profiles, and manage learning groups. Limited to learner-scope operations. |
| Analyst | View reporting dashboards, analytics, and task list statistics. |
| Grader | Grade free-response questions and provide written feedback. |
| Course Auditor | Read-only access to all course content, folders, tags, and media. |
| Tasklist Auditor | Read-only access to task lists. |
| Enrollment Auditor | Read-only access to enrollments and learning plans. |
| Answer Viewer | View correct answers and learner responses on quizzes. Automatically included with Course Editor. |
| Media Editor | Upload, edit, and manage files in the media library. |
| Media Auditor | Read-only access to the media library. |
Tip: The Editor/Publisher split enables a built-in review workflow — one person creates content, another approves it before learners see it. This is useful for organizations that require a second set of eyes before anything goes live.
Built-in Roles
Two roles are built into the platform and cannot be removed or modified.
Admin — Includes every role listed above. If you were already an Admin before v1.7, your access is unchanged. Admins can also manage permission sets and platform settings.
Learner — The standard content role. Learners take courses, complete task lists, and view their own progress. Anyone who needs to access learning content should have this role.
Note: Users can hold multiple roles at the same time. For example, a team lead might be both a Learner (to take courses) and an Enrollment Manager (to assign courses to their team).
Permission Sets
Permission sets are named bundles of roles you can assign to a user in one click. Instead of selecting several individual roles, you pick a single permission set that includes all of them.
Default Permission Sets
Ethos includes five ready-made permission sets that cover the most common workflows.
| Permission Set | Included Roles |
|---|---|
| Instructor | Course Editor, Course Publisher, Enrollment Manager, Tasklist Editor, Tasklist Publisher, Answer Viewer, Grader, Analyst |
| Content Manager | Course Editor, Course Publisher, Media Editor |
| Analytics Viewer | Analyst, Enrollment Auditor |
| Auditor | Course Auditor, Tasklist Auditor, Enrollment Auditor, Media Auditor, Answer Viewer |
| Registrar | Enrollment Manager, Learner Manager |
Assigning a Permission Set
- Navigate to Admin > Users and select a user.
- Open the Roles section of their profile.
- Choose a permission set from the dropdown, or select individual roles manually.
- Save your changes.
Creating Custom Permission Sets
You can create your own permission sets to match your organization's structure, and edit the default sets to add or remove roles.
⚠️ Important: Changing a permission set does not retroactively update users who were previously assigned that set. Users assigned after the change will receive the updated roles — to update existing users, reassign the permission set or adjust their roles individually. Note: The Admin and Learner roles cannot be included in permission sets. These are managed separately. |
How Roles Affect Navigation
The platform automatically adjusts what each user sees based on their assigned roles. Navigation tabs, action buttons, and menu items only appear when a user has a role that grants access to that area — no manual visibility configuration needed.
For example:
- A Course Editor sees the Courses tab and content editing tools, but not Users, Analytics, or Grading.
- An Analyst sees the Analytics tab but cannot access course editing or user management.
- A Grader sees the Grading tab but nothing outside the learner experience.
The Learner Manager Role
The Learner Manager role is designed for front-desk staff, coordinators, or team leads who need to onboard and manage learners without broader administrative access.
A Learner Manager can:
- Create new users as learners (cannot create admin accounts)
- Edit profile details — name, email, and org attributes — for learner accounts
- Toggle the Learner role on or off for any user
- Create, edit, and delete learning groups and their membership rules
A Learner Manager cannot:
- Manage permission sets or assign admin-level roles
- Edit profiles of users who hold non-learner roles
Access course content, analytics, grading, or platform settings
Tip: Learner Manager is ideal when you want someone handling day-to-day user onboarding without access to course content or analytics. Pair it with the Enrollment Manager role if they also need to assign courses.
Best Practices
Start with the default permission sets. The five built-in sets cover the most common workflows. Try them before building custom sets — you can always adjust later.
Use auditor roles for view-only access. Users with auditor roles can review content and data without making any changes. This is useful for compliance reviewers or stakeholders who need visibility without edit access.
Take advantage of the Editor/Publisher split. Separating content creation from publication gives you a built-in review step, reducing the risk of accidental or premature publishing.
Assign roles through permission sets when possible. Permission sets keep your role assignments consistent and easy to audit. Assigning a single set to a new team member is faster and less error-prone than selecting roles one by one.
| ⚠️ Avoid over-permissioning. Give users only the access they need. This reduces the risk of accidental changes to published content, enrollments, or user accounts. |