Skip to main content
Newspaper illustration

How to Create Custom User Roles & Permissions in Marketo

Whether you have a small team of Marketo users or many users to manage, Marketo makes administration and governance simple with user roles and permissions.

What are User Roles & Permissions?

User roles are Marketo’s approach to controlling access to areas and functionality within a Marketo instance. These user roles allow you to restrict or grant specific permissions to individual users. Marketo has a few out-of-the-box user roles, but you can create custom ones to fit your needs if you need more granular permissions.

Why should you use User Roles & Permissions?

User roles and permissions are the best way to keep your Marketo users’ access in check. The permissions you assign to specific user roles allow you to implement governance policies across your Marketo instance. There is never a scenario in which Admin access for every user in your instance is a good idea. Work with your marketing operations team to determine what level of access is required for roles throughout your team.

When should you use Custom User Roles vs Marketo’s out-of-the-box User Roles?

Marketo provides the following roles out-of-the-box:

  • Admin
  • Standard User
  • Marketing User
  • Web Designer
  • Analytics User

Admin and Standard User are system roles that cannot be edited. Marketing User, Web Designer, and Analytics User can all be adjusted if you need different permissions than the default setup.

In addition to these out-of-the-box user roles, you can also create custom roles to grant specific permission sets for any additional roles you might need. Think through each role’s responsibilities and what they should or should not have access to in order to maintain system governance and security. If you need a more granular level of permissions, custom user roles are a great option.

How can you create a Custom User Role?

In order to create custom roles or edit existing roles, you must have Admin access. In the Admin area of Marketo, navigate to “Users & Roles” and open the “Roles” tab. Here you will see all the roles currently active in your instance. Click “New Role” and enter a name for your new custom role and assign permissions. There are many permissions you can apply to a role. Marketo’s documentation provides descriptions of role permissions you can reference as you set up a new role.

A great use case for a custom role is creating a role for “Expired User” and granting it zero permissions. When this role is applied to a user who no longer should have access to Marketo, it will retain the user’s system history and restrict any access. If a user had an Admin role and is expired, they can still receive system notifications, so moving the expired user to this custom “Expired User” role can help further restrict access and information to your Marketo instance. It is recommended that you do not delete users, but instead expire their access and assign them to a custom “Expired User” role to prevent losing their system history.

In conclusion, user roles and permissions are essential for effectively managing and governing access to Marketo instances. Whether you have a small team or a large one, assigning specific permissions via user roles is critical for maintaining security and governance. While Marketo offers out-of-the-box user roles, creating custom roles allows for more granular control over user access where necessary. By following these best practices, you can ensure that your Marketo instance is well-governed, and (most importantly) access is only granted to those who truly need it.

Get in Touch with Us

At Etumos, we love what we do and we love to share what we know. Call us, email us, or set up a meeting and let's chat!

Contact Us