# Roles

Roles are [organization](/provisioning/api-reference/organizations.md)-specific and can be assigned to a [membership](/provisioning/api-reference/memberships.md) (to grant a specific [user](/provisioning/api-reference/user.md) a set of [permissions](/provisioning/api-reference/permissions.md)) or to an [integration](/provisioning/api-reference/api_credentials.md#integration) API credential.

Roles can be of three types (identified by the `kind` attribute):

* `read_only` — to perform `GET` requests on any [Core API](https://docs.commercelayer.io/core-api-reference/) single resource or list of resources).
* `admin` — to perform any available CRUD operation on any Core API resource.
* `custom` — to grant a different set of permissions on multiple resources (**available for Enterprise plans only**).

## Custom roles

While the permission for the `read_only` and `admin` roles are set by default and assigned at runtime by the Core API, [Enterprise](https://commercelayer.io/pricing) customers can define `custom` roles [specifying custom permissions](/provisioning/api-reference/permissions/create.md) on CRUD actions at the single resource level so as to leverage a granular control, tailored to their needs.

{% hint style="info" %}
Existing roles cannot be deleted using the Provisioning API. A `read_only` and an `admin` roles are automatically created for your organization, so the `POST` method on the `/api/roles` endpoint will be successful only for Enterprise customers: in that case, all you need to do to [create a custom role](/provisioning/api-reference/roles/create.md) is to give it a name, the related `kind` will be automatically set to `custom`.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.commercelayer.io/provisioning/api-reference/roles.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.