Team & permissions· 3 min read
Roles explained
What each role can and cannot do, and how to map your team's responsibilities to roles.
The four roles
ZeroKey ships with four built-in roles.
- Admin — full access to all settings, billing, members, and the LHDN certificate. The role that signed up first.
- Reviewer — can upload, review, edit, and approve invoices. Cannot change billing or members.
- Accountant — read access plus the ability to download audit bundles and export data. Cannot edit invoices.
- Read-only — view-only access to dashboards and invoices.
Approval flows
Admins can enable an approval flow that requires two-step approval for invoices above a threshold. The reviewer who created the invoice cannot also approve it — segregation of duties enforced automatically.
Custom roles
Available on the Scale and Pro plans. Create your own roles with fine-grained permissions per surface area. Write to contact@symprio.com if you need help mapping a custom workflow.
Need more help? Write to contact@symprio.com. We'd rather respond directly than make you guess.