HR Manager role permissions (employees.* only)
The HR Manager role sees and manages employees but cannot see influencers, customers, or campaign data. The boundary is enforced at the API, not just the UI.
Why a scoped role exists
HR teams need to manage the employee directory, run HRIS sync, and handle privacy/compliance requests. They do not need access to marketing campaigns, influencer outreach, or customer data. Default Admin role would give them all three, overscoped.
What HR Manager can do
- View, edit, and offboard employees
- Run HRIS sync + manual CSV import
- Manage employee consents + retention
- Review compliance reports for employee posts
- See team-level leaderboard analytics (aggregated, not individual rankings)
What HR Manager cannot do
- View any influencer profiles or campaigns
- View customers, referrals, NPS data
- Touch the wallet, billing, or top-up
- See the Brand-side outreach inbox
Permission boundary technical detail
Every API endpoint that returns mixed audiences (marketplace_influencers joined with audience filtering) checks audience_type against the user’s scope. HR Manager scope is ['employee'] only. Non-employee rows are filtered out server-side.
Assign
Workspace settings → Members → Invite → role HR Manager. Existing Admins can be downgraded to HR Manager when responsibilities shift.