Intrex Docs
Go to App
← Back to Documentation

User Roles

Intrex uses a three-tier role system to control access. Each role has specific permissions designed for different responsibilities within your organization.

Head Office Admin

Full administrative access to the entire organization

Permissions

Manage Users
Create, edit, delete users across all branches
Manage Branches
Create and configure all branches
Manage Templates
Create obligation templates for entire organization
View All Data
Access obligations, domains, and logs for all branches
Configure Connectors
Setup notification channels
Manage Billing
View and manage subscription details
View Activity Logs
Complete audit trail access

Branch Manager

Manage a specific branch and its compliance activities

Permissions

View Branch
Access assigned branch only
Manage Obligations
Create and edit obligations for their branch
Complete Obligations
Mark items as complete with document upload
View Notifications
See alerts related to their branch
Acknowledge Alerts
Confirm receipt of notifications
View Activity
See activity logs for their branch

Limitations

Cannot create new branches
Cannot manage other branches
Cannot manage users outside their branch
Cannot configure global connectors

Operator

Basic role for day-to-day compliance tasks

Permissions

View Assigned Obligations
See obligations assigned to them
Update Status
Update progress on assigned items
Upload Documents
Attach compliance proof documents
View Notifications
Receive and view personal notifications

Limitations

Cannot create new obligations
Cannot delete records
Cannot view other users data
Limited to assigned tasks only

Assigning Roles

Roles are assigned when creating or editing users. Only Head Office Admins can assign roles to other users.

// Role assignment via UI
1. Go to Settings → Team
2. Click "Add User" or edit existing user
3. Select role from dropdown
4. For Branch Manager/Operator, select assigned branch
5. Save changes

// User receives email with login credentials

Role Assignment Best Practices

  • Principle of Least Privilege: Assign the minimum role needed for the job
  • Head Office Admins: Limit to 2-3 trusted personnel
  • Branch Managers: One per branch for clear accountability
  • Operators: Can be multiple per branch for day-to-day tasks
  • Regular Review: Audit roles quarterly to ensure appropriate access

Security Considerations

Role changes take effect immediately. When a user's role is demoted, they may lose access to previously visible data on their next request.

Deleted users retain their historical actions in audit logs, but their personal information is anonymized per data retention policies.