With multiple admins in an org, it would be useful to limit the access of certain admins. To do this, we need role-based access controls.
- admin: Full control of the Org
- standard: Full control of the Org except deleting it (read-only billing)
- reporter: Read-only access to an Org
- onsite: Can check-in, register, and view attendees/orders
See the full permissions here.
- What roles should there be? What personas should have access to what?
- Would it be useful to have org level and event level permissions (e.g. some admins only have access to a certain event)?