We have different security roles in place for our Connectwise Manage users. Our Help Desk users cannot assign "Closed" statuses, for instance. However, when they work on tickets through Thread, Thread has full admin access through the API, and it allows the Help Desk users to bypass some of the role settings (such as setting "Closed" statuses). This shouldn't be.