Permissions & Access
How permissions work in Cadenio
A model that is easy to reason about and safe by default: each person sees only what they need, and you open up the rest in a controlled way.
The core idea: access is denied by default. A new member sees no flows or folders until they are granted access. This prevents accidental exposure and is the foundation of least privilege — instead of 'everyone sees everything and you scramble to restrict.'
Owner
Full control of the organization
- Has unrestricted access across the organization.
- Sets the plan, transfers ownership, and manages admins.
- The only role that can restrict an Admin with an exception rule.
Admin
Day-to-day management
- Full access by default — sees and manages every flow, folder, and run.
- Invites people, creates groups, and grants permissions.
- Can only be restricted by an exception rule created by the Owner.
Member
Tailored access
- Starts with no access to flows and folders — receives only what is granted.
- Can always act on what they created or were assigned to.
- Built for least privilege: each person sees only what they need.
Who sees what by default
What a regular member (with no grants) and an Admin see when they join the organization.
| Resource | Member (default) | Admin |
|---|---|---|
| Flows (templates) | None until granted | All |
| Folders | None until granted | All |
| Runs | Only those they own or are responsible for | All |
| Tasks | Only those they created or were assigned | All |
| Organization settings | No access | Management access |
How to grant access
Ready-made presets for each profile
Instead of configuring permission by permission, start from a preset and fine-tune per folder or flow when needed. To scale, grant access to a group and add people to it.
- Viewer — Can see flows and runs, but does not start or edit them.
- Member — Sees, starts runs, and completes the tasks assigned to them.
- Team Lead — Everything a Member can do + edit flows and manage the team's runs.
- Process Manager — Creates and publishes flows and administers permissions for their folder.
Relationship access
You always reach what is yours
Regardless of grants, a person can always work on the tasks and runs where they are the creator, owner, or assignee. Someone with edit rights can fill a task; completing it requires being responsible for it.
Approvals
Segregation of duties
On approval tasks, only the configured approvers decide — not even the run owner or an Admin approves on their behalf unless they are on the list. This is the control compliance expects.
External participants. Need someone outside to fill in a step? Share the task by link with per-action permissions (fill, upload, comment, complete). Links expire and can be revoked at any time — without giving access to the organization.
FAQ
Frequently asked questions
Does a new member get access to everything or nothing by default?
Nothing. Cadenio is deny-by-default: a new member sees no flows or folders until they are explicitly granted access — through a preset, a folder/flow grant, or a group that has access. The exception is tasks and runs they own or are responsible for: there they can always act.
What is the difference between Admin and Owner?
The Owner owns the organization and has unrestricted access. An Admin also has full access by default, but can be limited by an exception rule that only the Owner can create. Regular members get tailored access.
How do I give someone access?
You grant access with a preset (Viewer, Member, Team Lead, Process Manager) or granularly on a specific folder or flow. To scale, use groups: grant access to the group and add people to it.
Who can approve an approval task?
Only the people configured as approvers for that task — not even the run owner or an Admin can approve on their behalf unless they are on the list. This enforces segregation of duties for compliance.
What about people outside the organization (external participants)?
You share specific tasks by link with per-action permissions (fill fields, upload files, comment, complete). Links expire and can be revoked at any time.
Want to model your team's access with confidence?
Our team can help design roles, groups, and presets that fit your governance.