Roles

Three portals.
Configured per organization.

Each person sees what they need. Nothing they don't.

Employee
Personal scope
Guard
Today only
Admin
Full system
How permissions work

Configurable, not hard-coded.

The three portal categories are the architecture. The exact permission set inside each role is configured per organization during setup. A site lead, a supervisor, a contractor, an investigator: each gets the access that matches the job.

The defaults below are sensible starting points. Every line is adjustable.

Employee
Default scope
Submit and view their own visit requests. No system-wide visibility.
Guard
Default scope
View today's expected visitors. Verify and check in / out. No historical access.
Admin
Default scope
Search, export, and audit all records. Configure users and roles. Full read access.
Custom
Per-org
Site leads, supervisors, contractors, investigators. Tuned at setup.
A typical setup

Five roles cover most operations.

This is what the role list usually looks like after the first onboarding session. Yours may differ; the system is built for that.

Site lead
Sees every visit at their site. Can approve unscheduled walk-ins. Cannot edit other sites' records.
Supervisor
Reviews active and recent visits across multiple sites. Read-only on operational records.
Contractor coordinator
Schedules visits for vendor crews. Sees only the contractor pool of visitors. Cannot see employee guests.
Investigator
Read-only access to all records, plus export. Used for incident review and audit response.
System admin
Configures users, roles, sites, and retention. Full read access. Cannot modify completed records.

See it on your team.

Run a 30-day pilot. We help you map your roles. You see how it fits.

Request a 30-day pilot