Roles & Access
Role access in Zeno is workspace-scoped and enforced by UI + backend checks.
Current role set
Owner
Full control:
- workspace settings
- billing controls
- team invites and role changes
- full audit visibility
Admin
Operational management role:
- can operate core workflows (documents/registry/transactions)
- can access audit logs
- cannot replace owner privileges such as ownership-level governance actions
Accountant
Finance operations role:
- documents and registry workflows
- exports and review tasks
- no full audit-log access
Auditor
Read-focused compliance role:
- audit log access
- read-only style usage for compliance review
Bank
External read scope role for controlled sharing scenarios. Access is intentionally limited.
Audit visibility policy
In current product behavior, audit page access is allowed for:
owneradminauditor
Other roles may see restricted access messaging.
Invite policy
Only Owner can send team invites from Settings.
Access-denied troubleshooting
If you see permission errors:
- Check your assigned role in Settings
- Ask Owner to validate required scope
- Re-login after role changes
- Retry the same action
If issue persists, include request_id and page path when contacting support.