Set up permission groups

Permission Groups in Reah define what each team member can view, initiate, and approve.

Last updated 1 day ago

Summary

Permission Groups in Reah define what each team member can view, initiate, and approve.

Combined with approval workflows, this ensures:

  • Each person can take the actions they need.
  • All critical operations are properly reviewed before execution.

You can assign roles when inviting members and update them at any time.

Permission groups

Reah provides four default roles. Assign based on responsibilities, not job titles.

Owner — Founders, CFOs

  • Full access across all modules
  • Can initiate and approve all actions
  • Can manage members and permission groups
  • Adding or removing members does not require approval

Admin — Controllers, Finance Leads

  • Can view and manage accounts, transactions, and financial data
  • Can initiate actions (e.g. transfers, Treasury operations)
  • Can configure approval workflows
  • Can manage members and permission groups

Some actions initiated by Admins (e.g. member changes, high-value transactions) require Owner approval

Member — Operators, Department Leads

  • Can view data
  • Can initiate actions (e.g. transfers, Treasury allocations)
  • Cannot approve actions

All actions must go through approval workflows before execution

Viewer — Auditors, Finance team members

  • Read-only access
  • Cannot initiate or approve actions

Permissions overview

Manage members in a permission group

To add or remove members:

  1. Go to Settings → Entity → Permission Groups
  2. Select a permission group
  3. Click Add Members or Remove Members

Approval rules

Member changes are treated as permission change requests and may require approval:

  • Requests initiated by Admins require Owner approval
  • Requests initiated by Owners are approved immediately

How permission groups work with approvals

In Reah:

  • Permission groups define who can take actions
  • Approval workflows define whether those actions can be executed

For example:

  • A Member can initiate a transfer
  • The transfer is only executed after it is approved

Best practices

  • Start with the lowest level of access and increase only when needed
  • Limit Owner roles to a small number of trusted individuals (e.g. 1–2 people)
  • Use Admin roles for day-to-day operations instead of Owner
  • Review access regularly and remove users who no longer need it

What to do next

  • Set up approval workflows
  • Configure transaction approval rules
  • Invite team members
  • Submit and approve requests