User accounts are created and administered in the User Management dialog box, and then assigned to vaults.
In addition to unique user names and passwords, users are assigned roles. Roles determine whether or not a user can administer the vaults, create folders, add and delete files, or get data. Each role is defined by a set of permissions. Role-based permissions are additive, so a user assigned multiple roles has all the privileges of the assigned roles. A user that does not have any role assigned and does not belong to a group with a role has no access to the vault.