Use permissions to separate payout setup, review, and administration

Details

What to know

Permission principle

Give users the access they need for their workflow and keep administration, billing, and automation credentials limited to trusted workspace operators.

• Workspace administrators should control billing, organization settings, team access, and API keys.
• Finance operators should manage imports, payees, rules, calculations, statements, exports, and audit review.
• Reviewers should inspect calculation output and evidence before statements or exports are used downstream.
• Developers should use scoped API keys for server-side automation rather than personal login sessions.

Operational boundary

Permissions protect the calculation and evidence workflow. They do not authorize bank transfers, KYC, AML checks, or payout-rail execution inside Allocora.

• Keep payment approval controls in the downstream payout or accounting system.
• Use Allocora audit history to explain who changed setup or review state.
• Rotate API keys when an integration owner changes.

Reference Tables

Fields and checks

Recommended access model

Use this table as a starting point when assigning workspace access.

User type	Typical access	Review note
Workspace owner	Team, billing, settings, API keys, and operational workflows.	Limit to people accountable for workspace administration.
Finance operator	Revenue imports, mappings, rules, calculation runs, statements, and exports.	Use for users who perform close work.
Reviewer	Calculation output, statements, exports, and audit evidence.	Use when a second person reviews before downstream payout execution.
Developer	Scoped API keys and API reference workflows.	Use server-side keys and rotate them when access changes.

Related

Continue through the docs

Move from concepts to setup, then to statement output and audit review.

API Keys How to create, store, and test API keys for Allocora API access. Audit Trail What Allocora tracks so payout calculations remain reviewable after the period closes. Billing and Cancellation Billing and cancellation guidance for workspace administrators using Allocora as a payout calculation layer. All documentation

Feedback

Was this page helpful?

Send a note if a step is unclear, missing, or out of date.

Email Support