Roles and access

The application is permission-driven. Instead of hard-coding only a couple of job titles, it uses profiles with fine-grained permissions such as booking:view, booking:edit, and settings:view.

Typical administrator access

  • Settings, profiles, users, locations, services, sessions, and resources.

  • Organization-wide configuration and first-time setup work.

  • Scoping permissions for other users during invitation.

Typical staff access

  • Bookings, customers, calendars, and limited service visibility.

  • Daily operational work inside the tenant workspace.

  • Access scoped to assigned services or locations where needed.

Global owner

Some settings are usually reserved for global owners, such as API Keys and Support Access. Organization deletion also typically requires settings:delete.

Inviting and scoping staff

During invitation, administrators pick a profile and can scope access to all locations and services or only selected ones.

User invitation form