Modern Treasury is updating how users interact with the application's permission system. After studying how users across organizations were grouping permissions together, we are introducing a simplified permission interface.
We have renamed "Groups" to "Roles." Roles will now appear on the sidebar underneath the "Settings" link.
Each role specifies permission on four scopes: the Organization, Developer Settings, Counterparties and Accounts. Each scope is defined by three levels of access: Manage and Edit Access, View Only Access or No Access.
Users may define Account privileges at a global level (ie. “Users with this role may create payment orders in all accounts”) or they may select permissions at an individual account level.
In order to approve payment orders from an account, users require the "Manage, Review, and Edit" permission on the payment order's account. The role also must be specified in the approval rule as a role required for approval.
- Only roles that have the ability to manage an account (or all accounts) may approve payment orders out of that account if that payment order requires approval.
- Only users that manage the entire organization may approve payment orders they create themselves.
To learn more, see our help article.