# Basics Groups, Roles and Permissions are the guardrails of your Less application. Once you start adding more users to the platform, you'll probably want to restrict certain people from doing certain things. For instance, you might not want everyone to access a specific HR connection with sensitive salary and person data. Similarly, perhaps only admins should have the ability to add or create new databases. Roles, Groups and Permissions helps you in such cases. The basic workflow works by first inviting users to the platform. Then you add users to Groups. A Group could be *Finance Analyst* or *Admins.* On an asset - database, folder, connection or model - you then assign groups a certain Role. A Role (e.g. Editor) is a pre-built bundle of low-level Abilities (e.g. Create Connection) which ultimately restricts that Group from doing certain things. For instance, you might give your Finance Analyst Group an *Editor* Role on a folder containing 10 finance-related connection. The users in the Finance Analyst Group will then be able to do things like creating new models, accessing the output of the connectors, etc. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://resources.less.tech/less-tech/roles-and-permission/basics.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.