Complete reference guide for user permission levels in Otto
Otto offers different permission levels to control what users can see and do within the platform. Each role is designed for specific responsibilities and access needs.
The table below shows which actions each role can perform:
| Permission | Organization Admin | Organization User | Client | Read-Only |
|---|---|---|---|---|
| View Client Data | X | X | X | X |
| Download Reports | X | X | X | X |
| Add Accounts | X | X | X | |
| Add and Edit Transactions | X | X | X | |
| Add and Edit Private Assets | X | X | X | |
| Resync Accounts | X | X | X | |
| Edit Accounts | X | X | ||
| Add and Edit Entities | X | X | ||
| Help Desk Access | X | X | ||
| Add and Edit Clients | X | |||
| Add and Edit Users | X | |||
| View All Clients and Users | X |
Full access to all features within the organization. Organization Admins can manage users, clients, organization settings, and have complete visibility across all data.
Key Capabilities:
Can view and edit data across assigned clients. Organization Users can manage entities, accounts, and transactions but cannot manage users or clients.
Key Capabilities:
Limitations: Cannot manage users, cannot create or edit clients
Can view and edit their own client data. Client users have full control over their accounts and transactions but limited access to organizational features.
Key Capabilities:
Limitations: Cannot edit accounts, cannot manage entities, no access to other clients
View-only access to assigned client data and reports. Read-Only users cannot make any changes to data.
Key Capabilities:
Limitations: Cannot create, edit, or delete any data
User access to clients is controlled through client assignments:
Note: When creating a new user with a non-admin role, you'll need to assign client access after the account is created. See the Adding and Managing Users guide for details.