0%

Permissions Structure

Permissions Structure

Permissions are organized into functional categories to provide clear access control across the platform. All users share common base permissions, with additional specialized permissions based on their role.​

---

Base Permissions (All User Types)

All users have access to these fundamental permissions:

  • Set up and update password - Allow users to update their password

  • View and edit user profile - Allow users to view and edit their profile

  • Can use 2FA - Allow users to use 2-factor authentication

  • Log out - Allow users to log out from the system

  • List notification templates - Allow users to list notification templates

  • View notifications - Allow users to view their notifications

  • View personal notification properties - Allow users to view their notification settings

  • Set personal notifications properties - Allow users to set their notification preferences

---

Admin Permissions (68 Total)

Administrators have the most comprehensive access with permissions across all platform areas.​

Company Management (8 permissions)

  • Create and Edit Companies - Create, edit and delete companies

  • View Companies - View company details

  • Activate Companies - Activate companies and add comments

  • Deactivate Companies - Deactivate companies and add comments

  • Reject Companies - Reject companies and add comments

  • Submit Companies for Review - Submit companies for review

  • Archive Companies - Archive companies

  • Approve Company KYC - Approve company KYC and view/add comments

User Management (4 permissions)

  • Manage Company Users - Create, view, edit, reinvite, deactivate and delete company users

  • View Company Users - View company users

  • Manage My Company Users Admin - Manage internal user roles and users for admin companies

  • Change internal user role - Change internal user roles

Bank Account Management (4 permissions)

  • Create and Edit Bank Accounts - View, edit and create company bank accounts

  • Activate and Deactivate Bank Accounts - Activate and deactivate company bank accounts

  • Delete Bank Accounts - Delete company bank accounts

  • View Company Bank Accounts - View company bank accounts

Product & Deal Management (13 permissions)

  • View Product Groups - View product groups

  • Create and Edit Product Groups - Create, edit and delete product groups

  • View Product Structures - View product structures

  • Create and Edit Product Structures - Create, edit and delete product structures

  • View Programmes - View programmes

  • Create and Edit Programmes - Create, edit and delete programmes

  • Create and Edit Deals - Create, edit and delete deals with all related configurations

  • View Deals - View all deals and related information

  • Activate Deals Maker - Activate deals with maker permissions

  • Activate Deals Checker - Activate deals with checker permissions

  • Deactivate Deals - Deactivate deals

  • Delete Deals - Delete deals

  • Archive Deals - Archive deals

Instrument Management (6 permissions)

  • Upload and Submit Instruments Admin - Upload, submit, edit and delete instruments with admin permissions

  • View Uploaded Instruments Admin - View instrument details and supporting documents

  • Approve Reject Instruments - Funder Approval Maker - Confirm or reject instruments as funder approval maker

  • Approve Reject Instruments - Funder Approval Checker - Confirm or reject instruments as funder approval checker

  • Manage Rejected Instruments - Funder Approval - Edit instruments and undo rejection for funder approval

  • Fund Instruments Admin - Fund instruments with admin permissions

Disbursement & Repayment (6 permissions)

  • Confirm Cancel Disbursements Admin - Confirm or cancel instrument disbursements

  • View Disbursement Files Admin - View disbursement files

  • View Repayments Admin - View repayments and initiate quote calculations

  • Initiate Repayments Admin - Initiate repayments

  • Cancel Repayments Admin - Cancel repayments

  • Reconcile Repayments Admin - Reconcile repayments

System Administration (7 permissions)

  • View audit trail - View system audit trail (Portal admin only)

  • Manage company onboarding comments - View and add comments for company onboarding

  • Manage Bank Holidays - View, edit and delete bank holiday rules

  • Manage Integrations - Create, update, delete and view webhooks

  • View Order Form Templates - View order form templates including download

  • Manage Order Form Templates - Edit template metadata and delete templates

  • Upload Order Form Templates - Upload order form templates

---

Customer Permissions (46 Total)

Customer users have focused permissions for managing their own company operations and participating in financing workflows.​

Company Management (3 permissions)

  • Manage My Company Customer - View and edit own company details and comments

  • View my company details - View own company details

  • View my company comments - View comments for own company

Instrument Management (12 permissions)

  • Upload and Submit Instruments Customer - Upload, submit, edit and delete instruments as customer

  • View Uploaded Instruments Customer - View instrument details and supporting documents

  • Approve Reject Instruments - Payer Approval Maker - Confirm or reject instruments as payer approval maker

  • Approve Reject Instruments - Payer Approval Checker - Confirm or reject instruments as payer approval checker

  • Manage Rejected Instruments - Payer Approval - Edit instruments and undo rejection for payer approval

  • Approve Reject Instruments - Payer Finance Request Maker - Confirm or reject instruments for payer finance request as maker

  • Approve Reject Instruments - Payer Finance Request Checker - Confirm or reject instruments for payer finance request as checker

  • Manage Rejected Instruments - Payer Finance Request - Edit instruments and undo rejection for payer finance request

  • Approve Reject Instruments - Seller Finance Request Maker - Confirm or reject instruments for seller finance request as maker

  • Approve Reject Instruments - Seller Finance Request Checker - Confirm or reject instruments for seller finance request as checker

  • Manage Rejected Instruments - Seller Finance Request - Edit instruments and undo rejection for seller finance request

  • Manage Rejected Instruments - Funder Approval Customer - Edit instruments and undo rejection for funder approval as customer

Payment Management (2 permissions)

  • Mark as Paid Without Financing - Mark instruments as paid without financing

  • View Incoming Payments - View incoming payments

Repayment Management (3 permissions)

  • View Repayments Customer - View repayments and initiate quote calculations

  • Initiate Repayments Customer - Initiate repayments

  • Cancel Repayments Customer - Cancel repayments

Data Access (13 permissions)

Customers have read-only access to various platform data including deals, programmes, counterparties, product groups, companies, funders, documents, instruments, credit notes, bank accounts, repayments, and countries.

---

Funder Permissions (37 Total)

Funder users have specialized permissions for funding operations and instrument approval workflows.​

Instrument Management (5 permissions)

  • Upload and Submit Instruments Funder - Upload, submit, edit and delete instruments as funder

  • View Uploaded Instruments Funder - View instrument details and supporting documents

  • Approve Reject Instruments - Funder Approval Maker - Confirm or reject instruments as funder approval maker

  • Approve Reject Instruments - Funder Approval Checker - Confirm or reject instruments as funder approval checker

  • Manage Rejected Instruments - Funder Approval - Edit instruments and undo rejection for funder approval

Funding Operations (3 permissions)

  • Fund Instruments Funder - Fund instruments as funder

  • Confirm Cancel Disbursements Funder - Confirm or cancel instrument disbursements

  • View Disbursement Files Funder - View disbursement files

Repayment Management (3 permissions)

  • Initiate Repayments Funder - Initiate repayments

  • Cancel Repayments Funder - Cancel repayments

  • Reconcile Repayments Funder - Reconcile repayments

Special Permission Features

---

Permission-Based MFA Requirements

The platform supports granular Multi-Factor Authentication (MFA) enforcement at the permission level. Company administrators can configure which specific actions require additional MFA verification.​

High-Risk Permissions Requiring MFA:

  • Bank account management operations

  • Deal activation/deactivation

  • Company KYC approval

  • Instrument funding operations

  • Repayment reconciliation

  • API key management

  • Security settings changes

Maker-Checker Restrictions

Companies can enforce maker-checker controls to prevent the same user from performing both creation and approval actions in critical workflows.​

Applicable Workflows:

  • Instrument approvals (payer, seller, funder)

  • Deal activation

  • Company management

Service Account Permissions

The platform supports service accounts with configurable permissions for programmatic access without granting full administrative rights.​

---

Security Considerations

Password Management

  • Force Password Change at Next Login - Administrators can force users to change passwords

  • Password Reset - Administrators can reset user passwords with automatic temporary password generation

Session Management

  • Session timeouts are configurable at the environment level

  • 2FA tokens have a 3-minute lifetime for enhanced security

  • Permission-based 2FA creates single-use token chains

Audit Trail

The View audit trail permission (Admin only) provides access to comprehensive system activity logs with anonymized sensitive data.​

This comprehensive permissions structure ensures appropriate access control while supporting the complex workflows required for supply chain financing operations.

0%