There are a lot of individual permissions within the divergent Cloud and its associated products. Most users don't require a high level of control, so you may be able to use the Built-in Roles exclusively.
In the tables below, a "Critical" permission is one that may allow destructive or sensitive actions to take place. We recommend that these are only assigned to trusted users.
Cloud Permissions (Central Management)
Divergent.Authorization
Divergent.Authorization/permissions/read
Access to view the user's own permissions within the Billing Profile.
Divergent.Authorization/roleAssignments/delete
Critical, as this may allow destructive modifications to user permissions.
Ability to remove a role assignment from a user.
Divergent.Authorization/roleAssignments/read
Access to view available role assignments within the Billing Profile.
Divergent.Authorization/roleAssignments/write
Critical, as this may allow destructive modifications to user permissions.
Ability to add a role assignment to a user.
Divergent.Authorization/roles/delete
Critical, as this may allow destructive modifications to user permissions.
Ability to delete a role within the Billing Profile.