# Access Roles An access role is a set of one or more access policies that can be assigned to one or more users, or one or more access keys. Access roles can be managed via When creating access policies you should give access only to the resources you need to access via the API. ## Creating an access role In this example we will create an access role that will attach the access policy that was created in the [access policies](https://docs.bird.com/api/access-policies#creating-an-access-policy) example

Create a new role

1. The first step is to give the role a meaningful **name** and **description**. 2. Next attach one or more policy definitions. To select a custom policy make sure type is set to **organization.** 3. Finally Create Role

Create an access role

## Understanding role policies When creating a role you can add one or more access policies to provide (or deny) access a role access to certain API endpoints. As well as attaching custom policies that you have created, MessageBird has provided a number of managed policies to carry out common actions. | Field Name | Description | Values | | ---------- | --------------------------------------------- | -------------------------------------------------------- | | Type | Select from either custom or managed policies |

Organization
Managed

| | Policy | Select the policy | Any Organization or Managed policy that has been created |