Roles and Permissions
Brikly uses a role-based access model to control what each team member can see and do. There are four roles, each with a different level of access.
The four roles
Owner
The Owner is the person who created the workspace. There is one Owner per workspace. Owners have full control over everything - billing, team management, site configuration, and all operational features.
Admin
Admins are trusted team members who can manage day-to-day operations across the workspace. They have almost the same access as the Owner, except they cannot manage billing or transfer ownership.
Member
Members are the core operational users - chefs, kitchen managers, and procurement staff who work with recipes, invoices, and costings daily. They can create and edit operational data but cannot change workspace settings or manage other users.
Viewer
Viewers have read-only access. They can see recipes, costings, and reports but cannot create, edit, or delete anything. This role is ideal for stakeholders who need visibility without the ability to make changes.
Permission table
| Action | Owner | Admin | Member | Viewer |
|---|---|---|---|---|
| Workspace & Billing | ||||
| Manage billing and subscription | Yes | - | - | - |
| Transfer workspace ownership | Yes | - | - | - |
| Delete workspace | Yes | - | - | - |
| Team Management | ||||
| Invite users | Yes | Yes | - | - |
| Remove users | Yes | Yes | - | - |
| Change user roles | Yes | Yes | - | - |
| Site Management | ||||
| Add / edit / remove sites | Yes | Yes | - | - |
| Configure site settings | Yes | Yes | - | - |
| Suppliers | ||||
| Add / edit suppliers | Yes | Yes | Yes | - |
| Delete suppliers | Yes | Yes | - | - |
| View suppliers | Yes | Yes | Yes | Yes |
| Ingredients | ||||
| Add / edit ingredients | Yes | Yes | Yes | - |
| Delete ingredients | Yes | Yes | - | - |
| View ingredients | Yes | Yes | Yes | Yes |
| Recipes & Dishes | ||||
| Create / edit recipes | Yes | Yes | Yes | - |
| Delete recipes | Yes | Yes | - | - |
| View recipes and costings | Yes | Yes | Yes | Yes |
| Invoice Processing | ||||
| Upload invoices | Yes | Yes | Yes | - |
| Review and confirm invoices | Yes | Yes | Yes | - |
| Delete invoices | Yes | Yes | - | - |
| View invoice history | Yes | Yes | Yes | Yes |
| Reports | ||||
| View reports and dashboards | Yes | Yes | Yes | Yes |
| Export data | Yes | Yes | Yes | - |
| Integrations | ||||
| Configure integrations | Yes | Yes | - | - |
| View integration status | Yes | Yes | Yes | Yes |
Inviting users
To add a team member to your workspace:
- Go to Settings > Team.
- Click Invite Member.
- Enter the person's email address.
- Select a role from the dropdown.
- Click Send Invite.
The invitee receives an email with a link to join the workspace. Once they accept, they appear in the team list with the role you assigned.
Invitations expire after 7 days. If the invite is not accepted in time, you can resend it from the Team settings page.
Changing a user's role
Owners and Admins can change any user's role at any time:
- Go to Settings > Team.
- Find the user in the list.
- Click the role dropdown next to their name.
- Select the new role.
- The change takes effect immediately.
Downgrading a user from Admin to Member or Viewer removes their ability to manage team settings and integrations. Make sure this is intentional before making the change.
Best practices
- Use the principle of least privilege - assign the minimum role needed for each person's responsibilities.
- Keep the Owner role secure - only the business owner or a senior director should hold this role.
- Use Viewer for stakeholders - investors, accountants, or managers who need to see reports but should not change operational data.
- Assign Admin sparingly - one or two Admins alongside the Owner is usually sufficient.