With multiple admins in an org, it would be useful to limit the access of certain admins. To do this, we need role-based access controls.
Roles
  • admin
    : Full control of the Org
  • standard
    : Full control of the Org except deleting it (read-only billing)
  • reporter
    : Read-only access to an Org
  • onsite
    : Can check-in, register, and view attendees/orders
See the full permissions here.
Questions:
  • What roles should there be? What personas should have access to what?
  • Would it be useful to have org level and event level permissions (e.g. some admins only have access to a certain event)?