General
AccessOwl Roles
General
AccessOwl Roles
The following roles in AccessOwl govern permissions within the application. Some roles are assigned explicitly within AccessOwl’s settings, while others are granted implicitly based on a user’s HRIS status or responsibilities as an business owner or admin.
| Org Admin | HR User | Business Owner | Application Admin | Manager | User | |
|---|---|---|---|---|---|---|
| Explicitly assigned in the admin dashboard; highest role. | Explicitly assigned in the admin dashboard. | Assigned on a per-app basis; can manage apps and app data. | Assigned on a per-app basis; receives provisioning or deprovisioning requests. | Usually assigned automatically via HRIS integration; often used for approval policies. | Default role | |
| Permissions | ||||||
| View all users | Only for administered apps | |||||
| View all applications | Only for owned apps | Only for administered apps | ||||
| Request app access | ||||||
| Revoke app access | ||||||
| Add application spend data | ||||||
| Trigger on- and offboardings | ||||||
| Approve on behalf of others | ||||||
| Grant access on behalf of others | ||||||
| Notifications | ||||||
| On/Offboarding | ||||||
| Shadow IT |
Was this page helpful?