> ## Documentation Index
> Fetch the complete documentation index at: https://docs.equa.cc/llms.txt
> Use this file to discover all available pages before exploring further.

# Roles and Permissions

> How to create roles, assign permissions, and control access in Equa

# Roles and Permissions

Equa uses role-based access control (RBAC) to determine what each member can see and do within an organization. This guide covers creating roles, assigning permissions, and managing access for your team.

## Prerequisites

* Active Equa account
* `editMembers` permission to create, edit, and delete roles
* `viewMembers` permission to view roles

## Understanding the Permission Model

Access control in Equa works through three layers:

1. **Permissions** — Individual capabilities (e.g., "View Cap Table", "Edit Documents")
2. **Roles** — Named collections of permissions (e.g., "Investor", "Admin", "Board Member")
3. **Member assignments** — Each member is assigned one or more roles

A member's effective permissions are the combined set of all permissions from all their assigned roles.

## Built-In Permissions

Equa includes 15 built-in permissions:

| Permission              | What It Controls                   |
| ----------------------- | ---------------------------------- |
| viewOrganization        | View the organization dashboard    |
| viewCapTable            | View the cap table and all holders |
| editCapTable            | Create, edit, and manage holdings  |
| viewDocuments           | View data room documents           |
| editDocuments           | Upload and edit documents          |
| deleteDocuments         | Delete data room documents         |
| viewMembers             | View member information            |
| editMembers             | Edit and manage members            |
| viewIncentivePlan       | View equity incentive plans        |
| editIncentivePlan       | Manage incentive plans             |
| viewGoverningDocuments  | View agreement documents           |
| editOrganizationDetails | Update organization settings       |
| editBilling             | View and manage billing            |
| signing                 | Sign documents and certificates    |
| viewSelf                | View own holdings and profile      |

## Creating a Role

### Step 1: Navigate to Roles

From your organization sidebar, click **Settings > Roles**.

### Step 2: Create a New Role

Click **New Role** and fill in:

* **Role name** — A descriptive name (e.g., "Investor", "CFO", "Board Observer")
* **Description** — What this role is for

### Step 3: Set Permissions

Toggle the permissions you want this role to include. Each permission controls a specific area of the platform.

### Step 4: Save

Click **Save** to create the role.

## Common Tasks

### Assigning a Role to a Member

1. Navigate to **Team Members**
2. Click on the member's name
3. Click **Edit**
4. In the **Roles** section, select one or more roles
5. Click **Save**

Permission changes take effect immediately on the member's next action.

### Viewing the Permissions Matrix

1. Navigate to **Settings > Roles**
2. Click the **Permissions Matrix** tab
3. View a grid showing all roles across the top and all permissions down the side
4. Checkmarks indicate which permissions each role has

### Editing a Role's Permissions

1. Navigate to **Settings > Roles**
2. Click on the role you want to edit
3. Click **Edit Permissions**
4. Toggle permissions on or off
5. Click **Save**

### Deleting a Role

1. Navigate to **Settings > Roles**
2. Click on the role
3. Click **Delete**
4. Confirm the action

### Creating Shared Roles

Shared roles can be reused across multiple organizations:

1. When creating a role, enable the **Shared** option
2. The role will be available for assignment in any organization it is linked to

This is useful for companies with multiple subsidiaries that use the same role structure.

### Common Role Templates

Here are some typical roles you might create:

| Role         | Suggested Permissions                                                                                |
| ------------ | ---------------------------------------------------------------------------------------------------- |
| Admin        | All permissions                                                                                      |
| Investor     | viewOrganization, viewCapTable, viewDocuments, viewSelf                                              |
| Board Member | viewOrganization, viewCapTable, viewDocuments, viewGoverningDocuments, viewMembers, signing          |
| Employee     | viewOrganization, viewSelf, viewIncentivePlan                                                        |
| CFO          | viewOrganization, viewCapTable, editCapTable, editBilling, viewDocuments, editDocuments, viewMembers |

## Tips

<Tip>
  Organization owners automatically have full access to everything — they do not need explicit role assignments. This ensures the owner can always manage the organization.
</Tip>

<Tip>
  Every member can always view their own profile and holdings through the "View Self" permission, even if they do not have "View Members". This ensures people can see their own equity.
</Tip>

<Tip>
  Use the Permissions Matrix view to quickly audit who has access to what. It is the fastest way to spot gaps or excessive permissions.
</Tip>

## Design References

Design-system source for this guide: [Roles and Permissions screenshot gallery](/architecture/design-system/screenshots/roles) and [EquaRolesPermissions](/architecture/design-system/components/equa-roles-permissions), [EquaTable](/architecture/design-system/components/equa-table), [EquaCheckbox](/architecture/design-system/components/equa-checkbox), [EquaTabs](/architecture/design-system/components/equa-tabs).

## Troubleshooting

<AccordionGroup>
  <Accordion title="A member cannot access a feature they should be able to use">
    **Cause:** The member's assigned roles may not include the necessary permission.

    **Solution:** Check the Permissions Matrix to see which permissions the member has. Assign a role that includes the missing permission, or edit an existing role to add it.
  </Accordion>

  <Accordion title="I cannot create or edit roles">
    **Cause:** You need the `editMembers` permission to manage roles.

    **Solution:** Ask the organization owner to assign you a role with the "Edit Members" permission.
  </Accordion>

  <Accordion title="Permission changes are not taking effect">
    **Cause:** Permission changes should be immediate. The user may need to refresh their browser.

    **Solution:** Ask the affected member to refresh their browser page. If the issue persists, verify the role assignment is saved correctly.
  </Accordion>

  <Accordion title="I accidentally deleted an important role">
    **Cause:** Role deletion is permanent and cannot be undone.

    **Solution:** Create a new role with the same name and permissions. Reassign it to the members who had the deleted role.
  </Accordion>
</AccordionGroup>

## Related

* [Managing Team Members](/guides/managing-team-members)
* [Admin Guide](/guides/admin-guide)
* [Organization Setup](/guides/organization-setup)
* [Team Members and Roles Specification](/specs/012-team-members-and-roles/spec)
