I’m looking to create an IT role that can manage user access. Does anyone know of a document that talks about the best practices for this? or has a list of recommended permissions to provide the role? I’ve turned on core administrator privileges, granted access to that. It appears I need to add permissions related to granting access as well.