> ## Documentation Index
> Fetch the complete documentation index at: https://docs.firebolt.io/llms.txt
> Use this file to discover all available pages before exploring further.

> Learn about user-level permissions in Firebolt.

# User Permissions

In Firebolt, a [user](/overview/organizations-accounts#users) is associated with a [login](/guides/managing-your-organization/managing-logins) or [service account](/guides/managing-your-organization/service-accounts), which grants them access to that account. You can assign a [role](/overview/organizations-accounts#roles) to a user, and the role determines the specific actions they are authorized to perform within the account.

The following table outlines the privileges that can be granted for users within a particular account:

| Privilege | Description                                    | GRANT Syntax                                  | REVOKE Syntax                                    |
| --------- | ---------------------------------------------- | --------------------------------------------- | ------------------------------------------------ |
| MODIFY    | Grants the ability to drop the specified user. | `GRANT MODIFY ON USER <user_name> TO <role>;` | `REVOKE MODIFY ON USER <user_name> FROM <role>;` |

<Note>
  Users can modify most of their own account settings without requiring [RBAC](/overview/security/rbac#role-based-access-control-rbac) permissions, except when altering [LOGIN](/guides/managing-your-organization/managing-logins) configurations or a [SERVICE ACCOUNT](/guides/managing-your-organization/service-accounts).
</Note>

## Examples of granting user permissions

### MODIFY permission

The following code example grants the role `developer_role` permission to drop the `my_user` user:

```sql theme={"theme":{"light":"github-light","dark":"github-dark"}}
GRANT MODIFY ON USER my_user TO developer_role;
```