Access & Roles


This article defines a recommended role model for CJH, practical onboarding/offboarding steps, and operational controls to maintain least privilege.




Adopt a small, well-defined set of roles with clear responsibilities. Example roles:


  • Owner / Tenant Admin: Full access to tenant configuration, integrations, billing, user/role management.
  • Dispatcher / Manager: Create/assign jobs, schedule, modify jobs and clients, view reports.
  • Accountant: Access to invoices, payments, and financial reports (no need to edit job details).
  • Technician: Mobile-focused role; can view assigned jobs, update job status, take photos, record payments (if allowed).
  • Read-only / Auditor: Read access to data for auditing or reporting.


Map these roles to application permissions and to RLS policies where appropriate.




Onboarding checklist (new user)

  • [ ] Create user account or invite via email.
  • [ ] Assign a role and specify any role exceptions (granular permissions).
  • [ ] Provide initial training materials and the technician cheat-sheet (clock in, enable location, photo best practices).
  • [ ] If the user requires integration access (Mapbox admin, billing), establish an approval flow.




Offboarding checklist (departure)

  • [ ] Disable or delete the user account.
  • [ ] Reassign any open tasks or jobs from the user.
  • [ ] Rotate any secrets the user had access to (API keys, shared admin account creds).
  • [ ] Audit activity for changes the user made in the last X days for compliance.




Least-privilege & segmentation

  • Minimize the number of users with Owner/Admin roles. Use the Dispatcher role for day-to-day operations.
  • Periodically review role assignments and remove or downgrade roles that are unnecessary.




Role testing & enforcement

  • Policy tests: Run automated tests that verify a Dispatcher cannot perform Owner-level actions and a Technician cannot modify invoices (unless explicitly allowed).
  • UI visibility: Hide admin controls from non-admin roles to reduce accidental exposure. Hiding a control is not enforcement; the permission and RLS checks must still deny the action.
  • Escalation: Provide an approval/request workflow for temporarily elevated privileges where required, paired with activity logs for the period.
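
One way to write the policy tests described above, as an added example rather than CJH's own code. The permission names, role keys and the `User` model are assumptions, since this article does not list CJH's permission identifiers.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Assumed permission names for illustration; not CJH's real identifiers.
OWNER_ONLY = {"tenant.configure", "user.manage", "billing.manage"}
ROLE_PERMS = {
    "owner": OWNER_ONLY | {"job.edit", "job.view", "invoice.edit", "invoice.view", "report.view"},
    "dispatcher": {"job.edit", "job.view", "client.edit", "report.view"},
    "accountant": {"invoice.edit", "invoice.view", "payment.view", "report.view"},
    "technician": {"job.view_assigned", "job.update_status", "photo.upload"},
    "auditor": {"job.view", "invoice.view", "report.view"},
}
READ_ONLY_ROLES = {"auditor"}

@dataclass
class User:
    role: str
    exceptions: set = field(default_factory=set)    # granular per-user grants
    elevations: dict = field(default_factory=dict)  # permission -> expiry (UTC)

def is_allowed(user, perm, now=None):
    """Deny by default: role grant, explicit exception, or unexpired elevation."""
    now = now or datetime.now(timezone.utc)
    if perm in ROLE_PERMS.get(user.role, set()) or perm in user.exceptions:
        return True
    expiry = user.elevations.get(perm)
    return expiry is not None and now < expiry

def policy_violations(role_perms):
    """Return (role, permission, reason) for every grant that breaks the role model."""
    found = []
    for role, perms in sorted(role_perms.items()):
        if role != "owner":
            found += [(role, p, "owner-only") for p in sorted(perms & OWNER_ONLY)]
        if role in READ_ONLY_ROLES:
            found += [(role, p, "write on read-only role")
                      for p in sorted(perms) if not p.endswith(".view")]
    # A Technician may edit invoices only through a per-user exception, never by role.
    if "invoice.edit" in role_perms.get("technician", set()):
        found.append(("technician", "invoice.edit", "needs explicit exception"))
    return found

if __name__ == "__main__":
    assert policy_violations(ROLE_PERMS) == [], policy_violations(ROLE_PERMS)
    print("role map passes policy tests")
```

Running `policy_violations` in CI against the deployed role map catches a role that has drifted past its intended scope before the change ships.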




Practical admin tips

  • Document role definitions in the KB so managers know which role to assign.
  • For sensitive operations (rotating tenant tokens, deleting tenant data), require Owner approval or two-person authorization.
  • Keep an on-call list of tenant admins who can perform emergency operations and a recovery plan for lost admin access.






Updated on: 10/01/2026
