Expedition comes with a framework to manage the Role-Based Access Control, this will help you to add users with different level of privileges.
1) Expedition User Roles:
a) Super User: This Role allows the User to manage everything on Expedition
b) Admin: This Role allows the user to Create projects and devices but cannot change system settings or add new users
c) User: This Role allows the user only to enter on Expedition and see projects and devices where has been granted access.
2) Project User Roles:
When a project is created by an Expedition Super-User or Admin, this can be edited by clicking on Settings
From the Settings window, we can add Expedition Users to the Project. Inside the Project, we have different Roles:
a) admin: This Role can change the Project Settings and modify all the content within it.
b) user: This Role can edit the project contents but it cannot change the project settings to add more devices or users to the project.
c) viewer: This Role is for read-only purposes. Doesn't have any privileges to change nothing inside the project or manage the project settings.
As an example, you can create a new Expedition user with Role (User) and attach this user to one Project as (admin), in this case the User be able to manage only the project and the content but it will be unable to add more projects, devices or users to Expedition.
Hope this helps to clarify how to assign Roles.