Understanding Roles in Levain

Overview

Levain has the concept of organizational account and user account. When you sign up for Levain, you first create a user account. You can then create an organizational account, and invite other users to join your organization. Each user account can belong to multiple organizations.

Organization Account Roles

There are three roles for a user account within an organization account:

  • Owner
  • Admin
  • User

Owner

The Owner role comes with the most privileges in an organization account. The Owner can perform all actions in the organization account, including:

  • Managing users
    • Inviting users to any role
    • Changing user roles
    • Removing users
  • Managing wallets
    • Creating wallets
    • Viewing all wallets, even if not part of the wallet
    • Assigning users to wallets and changing the approval quorum
    • Managing wallet policies
  • Creating Levain GraphQL API personal access tokens
  • Access to new features will be rolled out to Owners first

Admin

The Admin role comes with similar privileges in an organization account, except the ability to add new Owners and . The Admin can perform the following actions in the organization account:

  • Managing users
    • Inviting users as Admins and Users
    • Changing user roles
    • Removing users
  • Managing wallets
    • Creating wallets
    • Viewing all wallets, even if not part of the wallet
    • Assigning users to wallets and changing the approval quorum
    • Managing wallet policies
  • Creating Levain GraphQL API personal access tokens

User

The User role is the role with the least privileges in an organization account. The User can perform the following actions in the organization account:

  • No permissions, except for having access to wallets that the User is assigned to

Wallet Roles

Every user account can be assigned to one or more wallets. There are three roles in a wallet:

  • Wallet Approver
  • Wallet Initiator
  • Wallet Viewer

Wallet Approver

The Wallet Approver role is the highest level of access in a wallet. The Wallet Approver can perform the following actions in the wallet:

  • Transactions
    • Approve transactions
    • Initiate transactions
    • View transactions
    • Be added as a Signer
  • WalletConnect Transactions
    • Connect to dApps
    • Initiate transactions
  • Policies
    • Create policies
    • Update policies
    • View policies

Wallet Initiator

The Wallet Initiator role is meant for users who only need to initiate or create transactions. The Wallet Initiator can perform the following actions in the wallet:

  • Transactions
    • Create transactions
    • View transactions
  • WalletConnect Transactions
    • Connect to dApps
    • Initiate transactions

Wallet Viewer

The Wallet Viewer role is the role with the least privileges in a wallet. The Wallet Viewer can perform the following actions in the wallet:

  • Transactions
    • View transactions