User & Role Management

Manage users, assign permission roles, create API keys, and control access to accounting operations with RBAC.

Key Capabilities

  • Assign built-in or custom roles to users with entity-level access scoping
  • Create and revoke API keys for programmatic access
  • Define custom roles with granular permission groups
  • View audit logs tracking all user actions and access events

Try Asking Claude

Show me all users and their roles
Assign the AP Accountant role to user john@company.com
Create an API key for our CI/CD pipeline

Access control in AI-native ERP uses a two-layer model that separates dashboard access from accounting operation permissions. This gives you fine-grained control over who can see what in the admin interface and who can perform which accounting operations through the AI assistant.

Two-Layer Access Model

The first layer is membership level, which controls admin dashboard access. Owners have full organizational control. Admins can manage team members and settings. Members have standard dashboard access. Viewers have read-only access. This layer determines what someone can see and configure in the web interface.

The second layer is role-based access control (RBAC), which governs accounting operations performed through the AI assistant and API. Roles carry specific permission groups that determine what financial operations a user can execute. These two layers are independent -- a user can be a dashboard Viewer but have a Controller role for full accounting access through the AI interface.

Built-In Roles

Six system roles cover the most common access patterns. Administrator has full system access. Controller can read and write across all accounting domains. AP Accountant handles accounts payable and master data. AR Accountant manages accounts receivable and master data. Auditor has read-only access across all domains. Investor sees reports only.

These roles are pre-configured with the permission groups that match each function's real-world responsibilities. The AP Accountant role, for example, includes AP write access, master data write access (to create vendors), and accounting read access (to see the GL), but not AR write access or admin access.

Custom Roles

When built-in roles do not match your organizational structure, you can create custom roles with specific permission groups. A "Payroll Specialist" role might combine payroll read/write, employee read, and reporting read permissions. A "Treasury Manager" role might include banking, payment, and reporting access. Custom roles give you the granularity to match access to actual job functions.

Role assignments can be scoped to specific legal entities. A user with the AP Accountant role scoped to entity 9 can only perform AP operations on that entity's data. This supports multi-entity organizations where different team members handle different subsidiaries.
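
The two independent layers and entity-scoped assignments described above, modelled as an added example (not the product's own code). The permission-group strings, the domain list, and the class and function names are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Assumed names: the page describes permission groups only in prose.
DOMAINS = ("ap", "ar", "accounting", "master_data", "reporting")
ROLE_GROUPS = {
    "Controller": {f"{d}:{a}" for d in DOMAINS for a in ("read", "write")},
    "Auditor": {f"{d}:read" for d in DOMAINS},
    # Matches the page: AP write, master data write, accounting read.
    "AP Accountant": {"ap:write", "master_data:write", "accounting:read"},
}
SETTINGS_LEVELS = {"Owner", "Admin"}  # layer 1 levels that manage settings


@dataclass(frozen=True)
class Assignment:
    role: str
    entity_id: Optional[int] = None  # None means not limited to one entity


@dataclass(frozen=True)
class User:
    email: str
    membership: str          # layer 1: Owner, Admin, Member, Viewer
    assignments: tuple = ()  # layer 2: RBAC role assignments


def can_manage_settings(user: User) -> bool:
    """Layer 1 only: dashboard membership, no RBAC roles consulted."""
    return user.membership in SETTINGS_LEVELS


def can_perform(user: User, permission: str, entity_id: int) -> bool:
    """Layer 2 only: deny unless a role in scope grants the permission."""
    for a in user.assignments:
        if a.entity_id is not None and a.entity_id != entity_id:
            continue  # assignment is scoped to a different legal entity
        if permission in ROLE_GROUPS.get(a.role, set()):
            return True
    return False  # unknown roles and unmatched scopes grant nothing


# Constructed sample users (not real accounts).
john = User("john@company.com", "Viewer", (Assignment("AP Accountant", 9),))
ctrl = User("controller@example.com", "Viewer", (Assignment("Controller"),))

if __name__ == "__main__":
    for perm, ent in [("ap:write", 9), ("ap:write", 10), ("ar:write", 9)]:
        print(john.email, perm, ent, can_perform(john, perm, ent))
    print(ctrl.email, "ar:write", 3, can_perform(ctrl, "ar:write", 3))
```

When reviewing access, evaluate both layers separately: a Viewer membership says nothing about what the same user can post through the AI assistant or API.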

API Keys

For programmatic access -- integrations, CI/CD pipelines, automated workflows -- you can create API keys with specific names and expiration dates. API keys provide the same permission-scoped access as user authentication, using the same role system. Keys can be revoked immediately when access needs to be terminated.

Audit Trail

Every user action is logged in the audit trail: who did what, when, and on which records. You can query audit logs by user, action type, date range, or entity to investigate access patterns and verify compliance with your internal controls.

Ready to give Claude finance skills?

Artifi installs as a Claude Skill — giving Claude deep expertise across 37 finance domains.