Managing user permissions and access controls in Motivosity made simple

If you’re running HR, IT, or ops at a company using Motivosity, you know that letting the wrong person mess with settings can cause headaches. On the flip side, locking everything down means nobody can do their jobs. There’s a happy medium—if you know how to set up access controls that make sense.

This guide is for anyone who needs to control who can see, do, or change things inside Motivosity. Whether you’re new to the platform or cleaning up years of “just give them admin” chaos, I’ll walk you through what matters, what to skip, and how to keep things simple.

Why permissions in Motivosity matter (more than you think)

Most people treat permissions like an afterthought—until someone accidentally nukes a team, exposes payroll info, or can’t run the report they need. In Motivosity, permissions aren’t just about security. They shape what people can see, do, and even how they recognize each other.

A few things to know up front:

  • Permissions are layered: There are platform-wide roles, team-level controls, and feature-specific settings.
  • Default roles cover most needs: Don’t reinvent the wheel if you don’t have to.
  • Too much access is as bad as too little: It slows people down and can create privacy headaches.

If you’re not sure where to start, start small. You can always loosen things up later.

Step 1: Understand Motivosity’s permission structure

Before you start clicking, get clear on how Motivosity slices up permissions.

The main pieces:

  • System Roles: These are the big ones—Admin, Manager, User, and a few others. Each comes with a default set of capabilities.
  • Custom Roles: You can build your own, but honestly, it’s easy to get lost. Only do this if the defaults don’t fit.
  • Feature Permissions: Some features (like Rewards or Recognition) have their own toggles.
  • Team/Department Access: Lets you restrict info or actions to specific groups.

Pro tip: Unless you have a really complicated org, stick to System Roles as much as possible. Every custom role you add is another thing to maintain (and screw up).

Step 2: Audit your current roles and access

Don’t assume your setup is clean—especially if you inherited it. Take 15 minutes to look at who has what. This is the step most people skip, and it always comes back to bite them.

How to audit:

  1. Go to Admin > User Management.
  2. Export a list of all users and their roles. (Most Motivosity plans let you export to CSV.)
  3. Look for red flags:
  4. Too many Admins (should be less than 3% of users, ideally)
  5. Ex-employees still active
  6. Weirdly named custom roles (always a sign of confusion)
  7. People with access to financial reports who shouldn’t

What to do:

  • Remove access for users who shouldn’t be there.
  • Flag roles that don’t make sense for a second look.
  • Make a quick note of any custom roles you don’t understand.

Don’t get bogged down in the weeds; just get a lay of the land.

Step 3: Decide who actually needs what

Here’s where you avoid future headaches. Ask: Who really needs to do what?

Common roles and what they should be able to do:

  • Admins: Manage users, settings, reporting, see everything. Limit this to trusted folks only.
  • Managers: See their direct reports, approve (or deny) recognition, access to certain reporting.
  • Users: Send and receive recognition, view their own info, maybe redeem rewards.
  • Finance/HR: Access to budgets, analytics, and sensitive data.

If someone only needs to run a report once a quarter, don’t make them Admin—just export the report for them.

Pro tip: Write down your logic for each role somewhere. It’ll save you or your successor a ton of time later.

Step 4: Set (or clean up) roles in Motivosity

Now for the actual button-pushing.

To assign or change a role:

  1. Go to Admin > User Management.
  2. Find the user (search by name or email).
  3. Edit their profile.
  4. Select the right role from the dropdown.
  5. Save changes.

You can bulk-edit users in most Motivosity plans—handy for onboarding or cleaning up a mess.

Creating custom roles (when you must):

  • Go to Admin > Roles & Permissions.
  • Click “Add Role.”
  • Name it something super clear (“Temporary Contractor View Only” beats “SpecialRole7”).
  • Pick only the permissions you truly need.
  • Save, and assign to users as needed.

Don’t: Create a custom role for every little exception. You’ll spend more time managing roles than the product itself.

Step 5: Fine-tune feature and team access

Some things in Motivosity aren’t covered by roles alone.

Key areas to check:

  • Recognition permissions: Who can give, approve, or see recognition? (Settings > Recognition)
  • Reward access: Who can see budgets, approve gift cards, or request payouts? (Settings > Rewards)
  • Department/team visibility: Who can see which teams or departments? (Settings > Organization)

These settings can override or supplement role-based permissions. Double-check them after making role changes.

Step 6: Test your setup (like a real user)

Don’t trust the interface—test it.

How to test:

  • Use the “View As” or impersonate feature (if available) to see what different roles actually see.
  • Ask a real user (or your most skeptical coworker) to try common tasks.
  • Try to break things: Can someone access what they shouldn’t? Can they do what they’re supposed to?

Watch for:

  • Users stuck unable to do their jobs
  • Sensitive info visible to the wrong people
  • Frustrating approval bottlenecks

Tweak as needed. It’s better to fix now than after your CFO finds out their birthday is public to the whole company.

Step 7: Keep permissions tidy over time

Don’t set and forget. Permissions need regular care.

  • Review roles quarterly. Things change—people leave, new teams form.
  • Disable users quickly when they leave. (Ideally automated with HRIS or SSO; if not, make it someone’s job.)
  • Document exceptions. If you break your own rules, write down why.

Pro tip: If you find yourself fighting the system a lot, it might be time for a bigger permissions overhaul—or a chat with Motivosity support.

What works, what doesn’t, and what to ignore

What works:

  • Keeping it simple. Use the fewest roles you can get away with.
  • Regular audits. A little time now saves a lot of pain later.
  • Clear naming. “HR View Only” is self-explanatory. “Role2” is not.

What doesn’t:

  • One-size-fits-all roles. Every org is different—tweak as needed.
  • Letting everyone be an admin “just in case.” It’s risky and lazy.
  • Ignoring feature-specific permissions. They matter as much as global roles.

What to ignore:

  • Wildly granular custom roles unless you have a legit, ongoing need.
  • Overcomplicating things to match theoretical org charts.
  • Trying to automate everything if you only have 50 users—it’s overkill.

Keep it simple, and stay flexible

User permissions aren’t glamorous, but they’re the difference between smooth sailing and a mess you’ll regret. In Motivosity, less is more—start with the basics, test often, and adjust as you go.

Don’t aim for perfect. Get your roles tidy, document your choices, and revisit when things change. Simple beats complicated, every single time.