About User Roles
Understand the two tiers of user roles in Tholos: organization-level and vault-level permissions.
Within Tholos, there are two tiers of user roles. This allows you to configure different role configurations based on your needs.
- Roles on the organization level
- Roles on the vault level
Each person within your organization will have one organization role. They will also have a role for each vault they are a part of.
For example: a user may have an Administrator role for the organization, have a Viewer role in Vault A, a Manager role in Vault B, an Initiator role in Vault C, and a Manager role in Vault D.
Organization Level Roles
These roles are for the entire organization.
| Permission | Administrator | Member | Auditor |
|---|---|---|---|
| Add vault | Yes | Yes | No |
| View all vaults | Yes | No | Yes |
| Modify blockchains | Yes | No | No |
| Change plans | Yes | No | No |
| Update billing information | Yes | No | No |
| Invite organization members | Yes | No | No |
| Remove member | Yes | No | No |
Vault Level Roles
These roles are set on a per vault basis within your organization.
Signers hold key shares, so Approvers and Managers are Signers.
Limited Users do not hold key shares, so Viewers and Initiators are Limited Users.
| Permission | Viewer | Initiator | Approver | Manager |
|---|---|---|---|---|
| View wallet addresses | Yes | Yes | Yes | Yes |
| View contacts | Yes | Yes | Yes | Yes |
| View vault balance | Yes | Yes | Yes | Yes |
| View transaction history | Yes | Yes | Yes | Yes |
| Export transaction history | Yes | Yes | Yes | Yes |
| View token balance | Yes | Yes | Yes | Yes |
| View NFTs | Yes | Yes | Yes | Yes |
| View governance policies | Yes | Yes | Yes | Yes |
| Request adding a governance policy | No | Yes | Yes | Yes |
| Approve creating a governance policy | No | No | Yes | Yes |
| Request changing Signers | No | Yes | Yes | Yes |
| Approve changing Signers | No | No | Yes | Yes |
| Create, edit, and delete contacts | No | No | Yes | Yes |
| Approve a transaction | No | No | Yes | Yes |
| Initiate a bank transfer | No | No | No | Yes |
| Archive vault | No | No | No | Yes |
| Update vault roles | No | No | No | Yes |
About Roles
A few details to be aware of for specific roles. See How to Change User Roles for details.
Administrators
- The person who creates an organization will be the Administrator.
- Organization Administrators will always be added to a vault with a Viewer role.
- You can give Administrators a higher vault role but you cannot remove them from a vault.
Managers
- Holds keys to the vault they are part of.
- When creating a vault, the organization Member who initiates the process will be the vault Manager.
- You can have multiple vault Managers.
Approvers
- Holds keys to the vault they are part of.
Initiators
- Does not hold keys to the vault they are part of.
Viewers
- Does not hold keys to the vault they are part of.