# Access policies {% hint style="info" %} Create a custom access policy (or choose a managed access policy), assign it to an access role, then assign the access role to your users. {% endhint %} Access policies are a crucial aspect of managing data access and usage within the MessageBird environment. They are a set of rules that either grant or deny access to specific areas within the software. By creating access policies, you can improve compliance and ensure that data is accessed only by authorized users.
There are two types of access policies: * [Managed access policies](#managed-access-policies), created by MessageBird. * [Custom access policies](#custom-access-policies) that you can create yourself. ### Managed access policies Managed access policies are policies that have been created for you by MessageBird to make it easier for you to get set up. These are the available manages access policies: | Policy | Description | | ---------------------------------- | ----------------------------------------------------- | | OrganizationsReadOnly | Read-only access to all organizations and workspaces | | FoundationsSupportHero | To provide Nest foundations support | | OAuth2ClientCreate | | | InboxVariousResourcesDeleterPolicy | inbox: delete various resources | | InboxVariousResourcesEditorPolicy | inbox: write various resources | | InboxVariousResourcesViewerPolicy | inbox: view various resources | | OrgSwitcherViewerPolicy | view workspaces, list | | TouchPointsProjectViewerPolicy | view touchpoint projects, list and entity | | BotEditorPolicy | edit bots | | AgentProfileEditorPolicy | edit agent profiles | | ConversationEditorPolicy | edit conversations | | FeedItemsEditorPolicy | edit feed items list and entity | | UsersViewerPolicy | view users, list | | ConversationCreatorPolicy | create feed item conversations | | BotViewerPolicy | view bots, list and entity | | GroupViewerPolicy | view workspace contacts groups, list and entity | | ConversationViewerPolicy | view workspace conversations, list and entity | | ConnectorsViewerPolicy | view workspace connectors, list and entity | | UserFeedViewerPolicy | view workspace user feeds, list and entity | | FeedViewerPolicy | view workspace feeds, list, entity | | TeamViewerPolicy | view workspace teams, list and entity | | AgentViewerPolicy | view agent list and entity | | ChannelViewerPolicy | view workspace channels, list and entity | | PlatformViewerPolicy | view workspace platforms, list and entity | | ComplianceManager | Manage approval flows and KYC forms | | PaymentMethodsManager | Manage payment methods policy | | FinanceManager | Manage finance | | NumbersManager | Manage numbers and providers | | ChannelManager | Manage connector templates | | ProductManager | Manage products and pricing | | SalesManager | Prepare new customers and assign custom pricing plans | | AccessManager | Manage access to the platform | | OrganizationFullAccess | Provides full access to everything in an organization | | InvoiceViewer | View invoices per organization | | KYCFormViewer | | | AllOrganizationsReadAccess | | ### Custom access policies You can create your own custom access policies by following these steps: 1. Go to your **Organization Settings** and click **Access policies**. 2. Click the **Create custom policy** button. 3. Enter a **Policy name** and a **policy description**. 4. In the "Definition" section, under **Effect**, select 'Allow' or 'Deny' from the drop-down. This will establish if the policy you are creating will 'allow' or 'deny' users access to specific users area of your organization. 5. Under **Action**, you define what action you are 'allowing' or 'denying' users from performing. Choose one of the following options from the drop-down: * any * view * create * delete * update 6. In the **Resource** field, define the URL of the area of the organization you are 'allowing' or 'denying' users access to. For example: /workspaces{workspaceId}/contacts. 7. You can add multiple definitions and resources to create more complex access policies by clicking **Add resource** or **Add definition**. 8. Click **Create policy** to create your custom access policy. ### Using access policies Once you have created your access policy, (or chosen which managed policies you want to use) you can assign it to an access role, and then assign the access role to a user. This will ensure that the user only has access to the areas of the organization that you have specified in the access policy.