Permission Actions Matrix

This page provides the complete reference for which roles have which permission actions by default. Permissions can be overridden at the project or organisation level — this table reflects the default configuration.

Organisation roles

Role	Description
org_admin	Full control over the organisation and all its projects
org_manager	Can manage members, projects, and settings — but not billing
member	Standard team member — project access depends on project role
workflow_responder	External reviewer with limited access — can only respond to assigned steps

Project roles

Role	Description
project_admin	Full control over the project — can manage all settings and members
reviewer	Can review and respond to workflow steps assigned to them
initiator	Can create documents, start workflows, and send correspondence/transmittals
viewer	Read-only access to all project content

Default permission matrix

Permission Action	org_admin	org_manager	project_admin	initiator	reviewer	viewer	workflow_responder
create_workflow	✅	✅	✅	✅	❌	❌	❌
manage_templates	✅	✅	✅	❌	❌	❌	❌
upload_documents	✅	✅	✅	✅	❌	❌	❌
manage_documents	✅	✅	✅	❌	❌	❌	❌
send_correspondence	✅	✅	✅	✅	❌	❌	❌
manage_transmittals	✅	✅	✅	✅	❌	❌	❌
manage_review_matrix	✅	✅	✅	❌	❌	❌	❌
manage_work_packages	✅	✅	✅	✅	❌	❌	❌
view_reports	✅	✅	✅	✅	✅	✅	❌
manage_guest_shares	✅	✅	✅	❌	❌	❌	❌
manage_dist_lists	✅	✅	✅	❌	❌	❌	❌
manage_members	✅	✅	✅	❌	❌	❌	❌
manage_settings	✅	✅	✅	❌	❌	❌	❌
view_audit_log	✅	✅	✅	❌	❌	❌	❌

Permission action definitions

Permission	What it controls
create_workflow	Start new workflow instances from templates
manage_templates	Create, edit, activate, and deactivate workflow templates
upload_documents	Create document records and upload files to the register
manage_documents	Edit document metadata, lock/unlock, set confidentiality, restore revisions
send_correspondence	Compose and send correspondence items (RFI, NCR, TQ, etc.)
manage_transmittals	Create, issue, and manage transmittal records
manage_review_matrix	Create and edit Review Matrix rules
manage_work_packages	Create and manage work packages
view_reports	Access the Reports tab and saved reports
manage_guest_shares	Create and revoke guest share tokens
manage_dist_lists	Create and manage distribution lists
manage_members	Invite members, assign roles, remove members
manage_settings	Access and change project and organisation settings
view_audit_log	Access the Audit Log and document event history

Customising permissions

Default permissions can be overridden at two levels:

• Organisation level — change the default for all projects (e.g. give initiator the manage_templates permission across the organisation)
• Project level — change permissions for a specific project only (e.g. give reviewer the send_correspondence permission in Project A only)

See Permission Overrides for how to apply overrides.

The workflow_responder role

workflow_responder is a special org role for external reviewers who need to respond to assigned steps but should not have access to general project content. Responders:

• Can access workflow steps assigned to them (Approve, Review, Acknowledge, Sign)
• Cannot browse the Document Register, Correspondence hub, or Reports
• Cannot start workflows or upload documents
• Do not appear in the project team member list

Related

• Organisation Roles — detailed capabilities per org role
• Project Roles — detailed capabilities per project role
• Permission Overrides — customise defaults