Access control is very important because it prevents unauthorized persons from having access.
Use the standard roles for access control
|SF_Administrator||This is a role for all AdminUI permissions|
|SF_AppBuilder||This role provides the permissions for App creation|
|SF_AppUser||This role provides the permission to execute Apps|
|SF_Developer||This role provides the permissions to create Apps and building blocks such as Business Objects, Connectors, etc.|
|SF_ExtAuthUser||This is a role for read-only users that are synced from an external authentication-service|
In general, you should only assign permissions with the Characteristic Execute to end-users.
Never assign the Permission Roles with the Characteristic Assign to external users!