Control available roles per organization with Role Sets

You can now control which roles are available to each organization using Role Sets. Assign different Role Sets to different organizations based on subscription tiers, customer cohorts, or business needs — if a role isn't in an organization's Role Set, members can't be assigned that role.

What's new

Role Sets allow you to define separate collections of roles and permissions across organizations. This enables advanced use cases like:

• Creating different role hierarchies for different teams or departments
• Isolating permissions across multiple products or services within one organization
• Building flexible multi-tenant architectures with customizable access patterns
• Supporting complex organizational structures with varying authorization needs

Use Role Sets when different Organizations need different available Roles. This works well for:

• Different pricing tiers - Your Free plan offers only admin and member, Pro adds moderator and analyst, and Enterprise adds security_admin and compliance_officer.
• Different customer cohorts - Small practices get physician and nurse, while large hospitals also get department_head and specialist. All cohorts share admin and member, but get additional Roles specific to their size.

When you modify a Role Set, the changes are automatically applied to all Organizations using it. This makes it easy to roll out new Roles across multiple Organizations at once.

Each instance gets one role set by default at no additional cost. Additional role sets require the Enhanced Organizations add-on.

Getting started

Visit the Role Sets documentation⁠ to learn how to create and manage Role Sets for your organizations.

You can also manage Role Sets through the Clerk Dashboard or programmatically via the Backend API. Visit the Role Sets documentation⁠ for detailed guides, or see the Backend API reference⁠ for API details.