Appearance
Roles & permissions
Access is role-based and scoped — a role applies at a specific level of the hierarchy, and assignment invitations grant access to just one claim.
The roles
| Role | Scope | Who it's for |
|---|---|---|
| Org admin | Entire org | Owners / platform admins. |
| Business-unit admin | One business unit | Division or regional leads. |
| Team admin | One team | Team leads who build schemas and run assignments. |
| Member | One team | Field staff who capture across the team's assignments. |
| Collaborator | One assignment | Someone brought in to help capture a specific loss. |
| Observer | One assignment | A stakeholder who should see, but not change, a loss. |
What each role can do
| Capability | Org admin | BU admin | Team admin | Member | Collaborator | Observer |
|---|---|---|---|---|---|---|
| View media & documentation | ||||||
| Capture & edit media / rooms / groups | — | |||||
| Edit people & details | — | |||||
| Delete media | — | — | — | |||
| Create & manage assignments | — | — | — | |||
| Build & publish profiles (schema) | — | — | — | |||
| Invite / revoke assignment access | — | — | — | |||
| Manage team & members | — | — | — | |||
| Read the audit log | — | — | — | |||
| Manage webhooks | — | — | — | — | — |
NOTE
This table reflects the default permission matrix. The mobile app and web console hide or disable actions your role can't perform — and the server enforces the same rules, so access can't be bypassed by the client.
Scoping, explained
- A team admin manages their team only — not sibling teams.
- A collaborator/observer sees only the assignment they were invited to. Being on one loss never reveals another.
- Higher scopes include lower ones: an org admin can do anything a team admin can, everywhere.
IMPORTANT
Users are identified by email or phone. Invite people by whichever identifier they'll actually use to sign in.