![applauz_logo.svg]](https://www.applauz.me/hubfs/applauz_logo.svg){kind=logo}
Here's where it gets powerful: some permissions can be scoped, which means you can control who someone can perform that action on.
For example, let's say you turn on the "View employee list" permission for the Managers role. You now have three scope options:
Everyone – Managers can see every employee in the organization.
Reports – Managers can only see their direct reports and anyone who reports to their reports (their whole reporting tree).
Custom – You manually pick exactly which people or departments/teams the managers can see.
Not all permissions have scopes. Simple permissions like "Download invoices" are just on or off. But permissions that involve interacting with people (viewing, editing, assigning, etc.) usually have scopes.
