Understanding Roles in Levain
Overview
Levain has the concept of organizational account and user account. When you sign up for Levain, you first create a user account. You can then create an organizational account, and invite other users to join your organization. Each user account can belong to multiple organizations.
Organization Account Roles
There are three roles for a user account within an organization account:
- Owner
- Admin
- User
Owner
The Owner role comes with the most privileges in an organization account. The Owner can perform all actions in the organization account, including:
- Managing users
- Inviting users to any role
- Changing user roles
- Removing users
- Managing wallets
- Creating wallets
- Viewing all wallets, even if not part of the wallet
- Assigning users to wallets and changing the approval quorum
- Managing wallet policies
- Creating Levain GraphQL API personal access tokens
- Access to new features will be rolled out to Owners first
Admin
The Admin role comes with similar privileges in an organization account, except the ability to add new Owners and . The Admin can perform the following actions in the organization account:
- Managing users
- Inviting users as Admins and Users
- Changing user roles
- Removing users
- Managing wallets
- Creating wallets
- Viewing all wallets, even if not part of the wallet
- Assigning users to wallets and changing the approval quorum
- Managing wallet policies
- Creating Levain GraphQL API personal access tokens
User
The User role is the role with the least privileges in an organization account. The User can perform the following actions in the organization account:
- No permissions, except for having access to wallets that the User is assigned to
Wallet Roles
Every user account can be assigned to one or more wallets. There are three roles in a wallet:
- Wallet Approver
- Wallet Initiator
- Wallet Viewer
Wallet Approver
The Wallet Approver role is the highest level of access in a wallet. The Wallet Approver can perform the following actions in the wallet:
- Transactions
- Approve transactions
- Initiate transactions
- View transactions
- Be added as a Signer
- WalletConnect Transactions
- Connect to dApps
- Initiate transactions
- Policies
- Create policies
- Update policies
- View policies
Wallet Initiator
The Wallet Initiator role is meant for users who only need to initiate or create transactions. The Wallet Initiator can perform the following actions in the wallet:
- Transactions
- Create transactions
- View transactions
- WalletConnect Transactions
- Connect to dApps
- Initiate transactions
Wallet Viewer
The Wallet Viewer role is the role with the least privileges in a wallet. The Wallet Viewer can perform the following actions in the wallet:
- Transactions
- View transactions