I am building a multi-tenanted SaaS application that should have 3 different landing and other screens for three roles.
1. Super admin(me): should create admin and other perform other super admin roles.
2. Admin: should create users for their organization and perform other admin roles. 
3. User: Should perform user duties.
I have a core(service) module for my application that houses all entities and server actions.
Option 1:
Build 3 new modules to represent the three levels of authentication. Build each module to completion starting with superadmin because of the many functionalities for each role. 
This would mean 3 different URL to access the application for the 3 roles.
Option 2:
Just 1 module but have access to its screens role based. Build screens and restrict access to them via user role.
This would mean 1 URL to access the application but users will be restricted to access the different screens.

What option should I go for? What is the standard way of doing things? Is there another way of achieving my goal not mentioned above?