By using predefined roles, you can grant different access levels (Admin versus Viewer) as well as a breadth of access (individual properties versus the whole account).
Organisation-level roles: Roles which grant full read/write or read-only access to the whole organisation.
Property-level roles: Roles which grant full read/write or read-only access to specific properties.
Read-only access to the reports and Traffic Control, across the whole Organisation
Permissions for read-only actions, such as viewing (but not modifying) Traffic Control resources and Reporting.
Read/write access to most of the resources across the whole Organisation
All the Viewer role permissions, plus permissions for:
Full read/write access to the whole Organisation
All the Editor role permissions, plus permissions for the following actions:
Property Read-only (External Viewer)
Read-only access to the reports of specific properties
Permissions for read-only actions, such as viewing Reporting.
The Standard role can be limited to only specific properties
All permissions of the Standard role but limited to specific properties.
Property Read-only role is applicable to organisations like Networks that want to give reporting only access to their clients limited to only their specific properties.