Users, memberships, and roles
Our platform has two top level objects:
- User. A user represents you, an individual using our platform. Everything related to your individual profile is stored here.
- Organization. An organization represents your company. All objects on the platform except users are nested under your organization.
A user is linked to an organization by a membership. The membership defines the user's roles within the organization.
Users
A user represents an individual person using the Griffin platform. You become a user when you register for our app, either directly or via an invitation from an existing user.
If you want to join an existing organization, you must be invited by a user with the Team admin role. Learn more about invitations.
Memberships
A membership represents a relationship between a user and an organization. All users have at least one membership.
- If you register for the app, we automatically create a new sandbox organization, of which you are the first member.
- If you accept an invitation from an existing user, you become a member of that user’s organization.
A user can be a member of multiple organizations. You can choose the organization you want to interact with by:
- selecting it from the organization dropdown menu in the app.
- using an API key associated with that organization.
Roles
A role represents a pre-defined set of actions you can take within an organization. Your role(s) in each organization are defined in your membership. This means you can have different roles in different organizations.
API keys have the same permissions as the user that created them. Before changing a user's roles, check if any integrations rely on their API keys.
- If you register for the app directly, you start in a new organization and you are automatically assigned the Team admin, Payments and Compliance roles.
- If you accept an invitation to join an organizastion, you will be a Team member by default until a Team admin updates your roles. Team members cannot perform any actions.
All organizations must have at least one team admin. If you are the only admin in your organization, then you will not be able to remove that role from your membership.
| Role | Actions | View access |
|---|---|---|
| Compliance | - Create customer applications - Accept and reject customer applications - Create and submit applications for Reliance onboarding (API only) - Add and remove members of pooled accounts (API only) | - Users and roles - Customers - Customer applications - Pooled account memberships (API only) |
| Accounts and payments viewer (Beta) | - No actions | - Users and roles - Accounts - Payments - Transactions |
| Payments | - Open and close bank accounts - Make payments from accounts | - Users and roles - Accounts - Payments - Transactions |
| Team admin | - Add and remove users - Edit user roles - Manage webhooks - Manage public keys for message signatures - Toggle message signing enforcement (sandbox only) | - Users and roles - Webhooks - Public keys for message signing - Message signing toggle status |
| Team member | - No actions | - Users and roles |