# Access Control BentoBox provides a flexible and powerful access control system that enables administrators to manage and control user access to various functions and features of the platform. With this system, administrators can assign roles and permissions to users, ensuring that they have access only to the areas of the platform that they need to perform their job duties. The access control system in BentoBox works through user roles. There are several pre-defined roles available in the system, including administrator, manager, and staff. Administrators can also create custom roles to fit their organization's specific needs. Each user role comes with a set of permissions that determine what a user can and cannot do within the platform. For example, a manager might have permission to manage menus, events, and reservations, while a staff member might have permission to manage orders and customer profiles. Administrators can assign user roles to individual users or groups of users, and can also specify which locations each user has access to. This allows organizations to set up access controls that are tailored to their specific needs. In addition to role-based access control, BentoBox also provides other security features, such as user activity logs, two-factor authentication, and IP address restrictions. These features help ensure that only authorized users are able to access the platform and perform sensitive actions. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://astrumkb.gitbook.io/kb/platforms-web/sitebuilders/bentobox/access-control.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.