Roles and Permissions

AccessLedger uses role-based access control (RBAC).

Roles

  • Admin
    • Full tenant access
    • Can create, edit, and delete credentials
    • Can approve or deny access requests
    • Can close any approved request
    • Can view and export the audit log
    • Can invite users and manage roles
    • Can view and update notification settings
    • Can add and remove credential assignments
  • Approver
    • Can approve or deny pending access requests
    • Can view all access requests
    • Can view credential metadata (name/system/risk) but not sensitive details
  • Auditor
    • Can view and export the audit log
    • Can view credential metadata (name/system/risk) but not sensitive details
  • User
    • Can create access requests
    • Can view their own access requests
    • Can close their own approved requests
    • Can view credential metadata (name/system/risk) but not sensitive details

Page-Level Access

  • Login and signup pages: available to unauthenticated users.
  • Dashboard: available to authenticated users (auditors see metrics without Quick Actions).
  • Credentials:
    • List/detail: admin, approver, auditor, and user (metadata only for non-admins).
    • Create/edit/delete: admin only.
  • Requests:
    • List/detail: admin and approver; users see only their own requests.
    • Create: admin, approver, and user.
  • Rotation: the rotation dashboard is available to admin, approver, and user; marking a credential as rotated is admin only.
  • Audit Log: admin or auditor.
  • Credential Assignments (/assignments):
    • View: any authenticated user
    • Add or remove assignments: admin only
  • Settings (/settings/notifications): admin only.
  • Audit CSV export (/audit/export): admin or auditor.

Notes and Limitations

  • Admins implicitly act as approvers and auditors.
  • Access request approval durations are fixed to 1, 4, or 24 hours.
  • See User Management for tenant user lifecycle and role management.
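The role list, page-level access rules, and the note that admins implicitly act as approvers and auditors can be expressed as a single deny-by-default policy check. The following is an added example written to illustrate those rules; it is not AccessLedger's own code, and the action names, the Principal/AccessRequest records, and the sample credential are assumptions made for the example.

```python
"""Added example: a deny-by-default policy check modelling the AccessLedger
role matrix above. Illustrative code, not AccessLedger's implementation;
action names, record types and sample data are assumptions."""
from __future__ import annotations

from dataclasses import dataclass

ADMIN, APPROVER, AUDITOR, USER = "admin", "approver", "auditor", "user"
ALL_ROLES = {ADMIN, APPROVER, AUDITOR, USER}

# Roles allowed to perform each action, taken from the lists above.
# Approver- and auditor-only entries are still reachable by admins because
# effective_roles() applies the "admins implicitly act as approvers and
# auditors" rule before the lookup.
ACTION_ROLES = {
    "credential.create": {ADMIN},
    "credential.edit": {ADMIN},
    "credential.delete": {ADMIN},
    "credential.view_metadata": ALL_ROLES,
    "credential.view_secret": {ADMIN},          # non-admins get metadata only
    "request.create": {ADMIN, APPROVER, USER},
    "request.approve": {APPROVER},              # admin inherits
    "request.deny": {APPROVER},                 # admin inherits
    "request.view_all": {ADMIN, APPROVER},
    "request.close_any": {ADMIN},
    "audit.view": {AUDITOR},                    # admin inherits
    "audit.export": {AUDITOR},                  # admin inherits
    "rotation.dashboard": {ADMIN, APPROVER, USER},
    "rotation.mark_rotated": {ADMIN},
    "assignment.view": ALL_ROLES,
    "assignment.modify": {ADMIN},
    "settings.notifications": {ADMIN},
    "user.invite": {ADMIN},
}

ALLOWED_DURATIONS_HOURS = (1, 4, 24)   # fixed approval durations from the notes
METADATA_FIELDS = ("name", "system", "risk")


@dataclass(frozen=True)
class Principal:
    user_id: str
    role: str


@dataclass(frozen=True)
class AccessRequest:
    request_id: str
    requester_id: str
    status: str   # "pending", "approved", "denied" or "closed" (assumed states)


def effective_roles(role: str) -> set[str]:
    """Expand a stored role into the roles it effectively holds."""
    if role not in ALL_ROLES:
        raise ValueError(f"unknown role: {role!r}")
    return {ADMIN, APPROVER, AUDITOR} if role == ADMIN else {role}


def is_allowed(principal: Principal, action: str) -> bool:
    """Deny by default: unknown actions and unlisted roles both fail."""
    allowed = ACTION_ROLES.get(action)
    if allowed is None:
        return False
    return bool(effective_roles(principal.role) & allowed)


def can_view_request(principal: Principal, request: AccessRequest) -> bool:
    """Admin and approver see every request; users see only their own."""
    if is_allowed(principal, "request.view_all"):
        return True
    return principal.role == USER and request.requester_id == principal.user_id


def can_close_request(principal: Principal, request: AccessRequest) -> bool:
    """Only approved requests can be closed: by any admin, or by the
    requesting user for their own request."""
    if request.status != "approved":
        return False
    if is_allowed(principal, "request.close_any"):
        return True
    return principal.role == USER and request.requester_id == principal.user_id


def visible_credential_fields(principal: Principal, credential: dict) -> dict:
    """Admins see the full record; everyone else sees name/system/risk only."""
    if is_allowed(principal, "credential.view_secret"):
        return dict(credential)
    return {k: v for k, v in credential.items() if k in METADATA_FIELDS}


def is_valid_duration(hours: int) -> bool:
    """Approval durations are fixed to 1, 4 or 24 hours."""
    return hours in ALLOWED_DURATIONS_HOURS


if __name__ == "__main__":
    # Constructed sample data for a quick run; not real AccessLedger records.
    cred = {"name": "db-prod", "system": "postgres", "risk": "high",
            "secret": "<placeholder>"}
    for role in (ADMIN, APPROVER, AUDITOR, USER):
        p = Principal(f"{role}-1", role)
        print(role, sorted(visible_credential_fields(p, cred)),
              is_allowed(p, "request.approve"), is_allowed(p, "audit.export"))
```

The check deliberately resolves admin inheritance in one place (effective_roles) rather than listing admin next to every approver and auditor action, so the matrix stays a direct transcription of the page and the implicit-role rule cannot be forgotten for a newly added action. Ownership-scoped decisions (a user's own requests) are kept in dedicated functions because a role lookup alone cannot express them.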