Roles and Permissions

Every user has a role that determines what they can do. The defaults cover most teams; custom roles handle the edge cases.

The three default roles

• Admin: full access to billing, security, integrations, users, and data. Reserve for managers, ops leads, and IT admins.
• Engineer: create and complete work orders, edit assets, run PMs, view analytics. Right for technicians, planners, and supervisors.
• Viewer: read-only, for executives, finance, or external stakeholders.

Custom roles

Under Settings then Roles then New role, each custom role combines permissions and scope. Permissions cover view, create, edit, and delete on each resource type plus specials like invite users, manage billing, and access audit log. Scope controls visible data: all facilities, specific facilities, specific asset classes, or self only. Common examples are a PM-only technician and a single-site facility manager.

Labor rates and changes

Each role can have a default labor rate under Settings then Roles then Labor rates, including standard rate, overtime multiplier, and weekend or holiday rate. Per-user overrides take precedence. Change a role under Settings then Team, then the user, then Role; it takes effect on their next page load and is logged. For integrations, use a service account under Settings then Service accounts rather than a real person's login. Keep admins few and audit roles quarterly.