Permission principle
Give users the access they need for their workflow and keep administration, billing, and automation credentials limited to trusted workspace operators.
- Owners control billing actions, owner access, and the full workspace permission surface.
- Admins can manage team access, settings, API keys, integrations, setup data, calculations, statements, exports, and audit review, but they cannot grant Owner access, change/remove Owner memberships, or manage billing.
- Finance operators can manage imports, sources, buckets, products, mappings, payees, rules, calculations, statements, exports, billing/invoice review, and audit review without receiving API-key, integration, team, or billing-action access.
- Viewers can inspect in-app ledger evidence but cannot mutate setup, run calculations, download/export financial artifacts, deliver statements, view billing, or manage credentials.
- Developers should use scoped API keys for server-side automation rather than personal login sessions.