Back to Docs
Permissions & Access12 min readUpdated January 2025
User Roles & Permissions
Comprehensive guide to organization and project-level roles, permissions, and access control in Asrify. Learn about Owner, Admin, Member, and Guest roles.
User Roles & Permissions
Master Asrify's role-based access control system with organization-level and project-level permissions for secure collaboration.
1 Overview of Role Structure
Asrify uses a hierarchical role system with four main roles that apply at both organization and project levels:
Organization Level
- - Controls access to the entire organization
- - Manages billing, financials, and member data
- - Overrides project-level permissions
- - Sets organization-wide policies
Project Level
- - Controls access to specific projects
- - Manages project tasks and boards
- - Independent from organization roles
- - Inherits from higher organization roles
Important: Organization Owners and Admins automatically have Owner and Admin privileges on all projects within their organization, even if they're not explicitly added as project members.
2 Organization Roles & Permissions
Organization roles control access to company-wide features, financial data, and member management:
Organization Owner
Complete control over the organization with full administrative and financial access
Core Permissions
- - Manage, update, and delete organization
- - Add and remove organization members
- - Assign and modify user roles
- - Manage organization settings and policies
Financial & Business
- - View all income and outcome data
- - Access complete financial reports
- - Manage member pay details and rates
- - Manage client information and billing
Project Access
- - Full access to all organization projects
- - Can manage any project as if they were project owner
- - Override project-level permissions
- - Access all project analytics and reports
Advanced Features
- - Configure integrations and API access
- - Manage security settings and audit logs
- - Set up organization-wide workflows
- - Control data export and backup settings
Organization Admin
Nearly full administrative access with some restrictions on critical operations
Administrative Rights
- - All Owner permissions except deletion
- - Manage organization members and roles
- - Configure organization settings
- - Manage projects and assign project roles
Financial Access (Optional)
- - No financial access by default
- - Owner can grant financial permissions
- - Can view reports if permission granted
- - Cannot modify billing or payment settings
Restrictions
- - Cannot delete the organization
- - Cannot remove organization owners
- - Cannot access financials without permission
- - Cannot modify critical security settings
Project Access
- - Full access to all organization projects
- - Can manage projects as if they were project admin
- - Access project analytics and reports
- - Can create and assign project permissions
Organization Member
Standard user with access limited to assigned projects and personal tasks
Basic Access
- - View only assigned projects
- - Access personal dashboard and analytics
- - Manage own profile and settings
- - Track personal time and tasks
Project Participation
- - Work on assigned projects only
- - Project permissions depend on project role
- - Cannot see organization-wide data
- - Limited to own work and assigned tasks
Organization Guest
Very limited access for external stakeholders or clients
Minimal Access
- - View only what's explicitly shared
- - Cannot create or modify data
- - Read-only access to assigned content
- - Limited to specific projects or boards
Typical Use Cases
- - External clients reviewing project progress
- - Stakeholders monitoring specific initiatives
- - Vendors with limited collaboration needs
- - Audit or compliance reviewers
3 Project-Level Roles & Permissions
Project roles control access to specific project features, tasks, and collaboration tools:
Project Owner
Complete control over the project with full management capabilities
Project Management
- - Update and modify project settings
- - Delete or archive the project
- - Manage project timeline and milestones
- - Configure project workflows and automation
Team & Access Control
- - Add and remove project members
- - Assign and modify project roles
- - Manage project permissions and access
- - Control board and task visibility
Analytics & Reporting
- - Access all project analytics and reports
- - View team productivity metrics
- - Export project data and time reports
- - Monitor project budget and resources
Content Management
- - Create, edit, and delete all project content
- - Manage all boards, tasks, and workflows
- - Configure project templates and standards
- - Control project documentation and files
Project Admin
Administrative access to project features with member management capabilities
Administrative Functions
- - Most project owner permissions
- - Manage project members and roles
- - Configure project settings and workflows
- - Access project analytics and reports
Content & Board Management
- - Create and manage boards and workflows
- - Edit and organize all project tasks
- - Manage project documentation
- - Configure board permissions and access
Restrictions
- - Cannot delete the project
- - Cannot remove project owners
- - May have limited financial access
- - Cannot modify critical project settings
Team Coordination
- - Assign tasks and manage workloads
- - Review and approve team submissions
- - Monitor team progress and performance
- - Facilitate project communication
Project Member
Standard project participant with task management and collaboration access
Task & Board Access
- - View boards they're members of
- - Create, edit, and manage assigned tasks
- - Participate in board workflows
- - Comment and collaborate on tasks
Time & Progress Tracking
- - Track time on assigned tasks
- - Update task progress and status
- - View personal project analytics
- - Submit work for review and approval
Collaboration Features
- - Participate in project discussions
- - Share files and project documentation
- - Receive project notifications and updates
- - Access project calendar and events
Limitations
- - Cannot manage other members' tasks
- - Limited to assigned boards and tasks
- - Cannot modify project settings
- - No access to project-wide analytics
Project Guest
Limited access for external stakeholders and clients
View-Only Access
- - Read-only access to assigned boards
- - View specific tasks and project updates
- - Limited to explicitly shared content
- - Cannot create or modify any data
Communication
- - Comment on specific tasks if permitted
- - Receive project update notifications
- - View project progress reports
- - Access shared project documentation
4 Board & Task Permissions
Board-level permissions follow the same structure as projects with additional granular controls:
Board Access Rules
- - Organization Owners and Admins can access all boards in their organization
- - Project Owners and Admins can access all boards within their projects
- - Members and Guests only see boards they're explicitly added to
- - Board permissions inherit from project permissions but can be restricted
Task Management Permissions
Task Creation & Editing
- - All roles except Guests can create tasks
- - Members can edit their own assigned tasks
- - Admins and Owners can edit any task
- - Task assignment requires Member role or higher
Task Organization
- - Move tasks between columns/stages
- - Set task priorities and due dates
- - Add task labels and categories
- - Attach files and documentation
Board Configuration
- - Board structure and workflow setup (Admin/Owner only)
- - Column/stage configuration and automation rules
- - Board-specific permission and access controls
- - Integration setup and custom field configuration
5 Analytics & Reporting Permissions
Access to reports and analytics varies based on role and organizational settings:
Organization-Level Analytics
Financial Reports
- - Organization Owners: Full financial access
- - Organization Admins: Access if granted by Owner
- - All other roles: No financial access
- - Includes revenue, expenses, profitability
Operational Reports
- - Organization Owners and Admins: Full access
- - Project Owners: Project-specific reports
- - Members: Personal productivity reports only
Project-Level Analytics
Project Performance
- - Task completion rates and timelines
- - Team productivity and workload distribution
- - Project budget and resource utilization
- - Time tracking and billable hours analysis
Access Levels
- - Owners/Admins: Complete project analytics
- - Members: Personal performance metrics
- - Guests: Limited to shared report summaries
Custom Report Creation
- - Organization and Project Owners: Create and share custom reports
- - Admins: Create reports with appropriate data access
- - Members: Generate personal productivity reports
- - Export capabilities vary by role and data sensitivity
Permission Management Best Practices
Security Guidelines
- - Follow principle of least privilege
- - Regularly audit user access and roles
- - Use Guest roles for external stakeholders
- - Enable two-factor authentication for Owners/Admins
Role Assignment
- - Assign roles based on job responsibilities
- - Use project-level roles for task-specific access
- - Limit Owner and Admin roles to essential personnel
- - Review permissions during team changes
Access Control
- - Document permission structures for compliance
- - Set up approval workflows for sensitive data
- - Use board-level permissions for granular control
- - Monitor access logs and user activity
Need Help with Permissions?
Setting up the right permission structure is crucial for security and productivity. Explore these related topics: