Skip to content
ConvoLog Docs

Permissions & Access Control

ConvoLog uses role-based access control (RBAC) with three roles. Visibility of people records is derived automatically from the org reporting hierarchy — no manual permission lists.

Roles

RoleDescription
SUPER_ADMINFull access to everything. Can manage users, roles, and system configuration. Typically the IT administrator or the most senior manager.
ADMINCan manage users and people within their part of the hierarchy. Cannot change system configuration.
USERStandard manager account. Can log entries for people who report into them (directly or indirectly).

Visibility

A USER or ADMIN can only see people who are in their reporting subtree. The subtree is determined by the org hierarchy you define in ConvoLog.

Example:

Alice (ADMIN)
├── Bob (USER)
│   ├── Carol
│   └── Dave
└── Eve (USER)
    └── Frank

In this hierarchy:

  • Alice can see Bob, Carol, Dave, Eve, and Frank.
  • Bob can see Carol and Dave.
  • Eve can see Frank.
  • Bob cannot see Eve or Frank.

Visibility is computed dynamically — if you change the reporting structure, visibility updates immediately.

Logging for someone outside your hierarchy

By design, you cannot create log entries for someone who is not in your reporting subtree. This prevents accidental cross-team data access.

If you legitimately need to log an entry for someone outside your tree (e.g. a matrix-managed report), a SUPER_ADMIN can create the entry on your behalf, or you can request a hierarchy change.

Inviting users

Only ADMIN and SUPER_ADMIN can invite new users. Invitations are sent by email.

Changing a user’s role

Only SUPER_ADMIN can promote or demote users. Role changes take effect immediately on next login.

Audit log

Every action — including role changes, user creation, and permission updates — is recorded in the audit log. The audit log is append-only and cannot be edited through the UI.