Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/own-pay/OwnPay-Documentation/llms.txt

Use this file to discover all available pages before exploring further.

OwnPay uses a Role-Based Access Control (RBAC) system to govern what each staff member can see and do within the admin dashboard. Super-administrators define roles — named permission bundles such as “Finance Auditor” or “Support Agent” — and then assign those roles to staff members. Every request to a protected route is validated against the user’s combined permissions, and access is denied with a 403 Forbidden response if the required permission is absent. This architecture ensures that sensitive operations like gateway management and API key access are always restricted to explicitly authorised personnel. In the OwnPay admin dashboard, expand the PEOPLE section in the left sidebar and click Roles & Permissions. The page opens showing the active roles list and the full permissions grid.

Roles List

The roles table lists every role defined on the platform:
ColumnDescription
RoleHuman-readable name of the role (e.g. Owner, Finance Auditor).
SlugSystem identifier used in permission checks (e.g. owner, finance-auditor).
DescriptionBrief explanation of what staff in this role do.
PermissionsCount of permission nodes currently active for this role.
TypeSystem (built-in, not deletable) or a user-created brand role.
ActionsEdit opens the role form to modify name, description, and permission assignments.

Available Permission Scopes

Permissions are grouped by functional module. Each permission controls access to one specific area of the admin panel.

Full Permissions Reference

ModulePermissionDescription
DevelopersManage API KeysCreate, rotate, and delete API access keys.
DevelopersView API KeysRead-only access to existing API key metadata (not the raw secret).
GatewaysManage GatewaysInstall, create, edit, and delete payment gateways.
GatewaysView GatewaysRead-only access to the gateway list and configuration.
MobileManage DevicesPair, revoke, and delete Android companion devices.
MobileView DevicesView paired device status and connection history.
MobileManage SMSCreate, edit, and delete SMS parsing templates.
MobileView SMSView SMS Centre templates and SMS data logs.
PaymentsManage InvoicesCreate, send, edit, and cancel customer invoices.
PaymentsView InvoicesRead-only access to the invoices list and individual records.
PaymentsManage Payment LinksCreate and delete payment link pages.
PaymentsView Payment LinksView existing payment link configurations.
PaymentsManage TransactionsApprove, refund, and update transaction states.
PaymentsView TransactionsRead-only access to transaction records and history.
PeopleManage BrandsCreate, edit, and delete brand storefronts.
PeopleView BrandsRead-only access to the brands list.
PeopleManage CustomersCreate, edit, and delete customer profiles. Full PII access.
PeopleView CustomersView customer list and profiles (PII may be masked by role configuration).
PeopleManage StaffInvite, edit, suspend, and delete staff accounts.
PeopleView StaffRead-only access to the staff directory.
SystemAdmin AccessGrants access to the admin dashboard root. Required for all staff.
SystemManage DomainsAdd and remove custom domain mappings for brands.
SystemView DomainsView domain records and DNS verification status.
SystemManage PluginsInstall, activate, and deactivate platform plugins.
SystemView PluginsView installed plugin list.
SystemManage SettingsEdit platform-wide and brand-level configuration settings.
SystemView SettingsRead-only access to settings pages.
SystemView Audit LogAccess the activity audit trail.
SystemBalance VerificationRun financial reconciliation checks.
SystemView ReportsAccess the Reports page and export financial data.
SystemSystem UpdateTrigger platform version updates.

Creating a Custom Role

1

Click + Create Role

On the Roles & Permissions page, click the + Create Role button to open the role creation form.
2

Enter a role name and description

Type a clear Role Name (e.g. Finance Auditor) and a brief Description explaining the role’s scope (e.g. “Read-only access to financial reports, transactions, and audit logs”). A good description helps other administrators understand the role’s intent at a glance.
3

Select the required permissions

In the Assign Permissions section, check each permission node this role should include. For a Finance Auditor role, you might select View Transactions, View Invoices, View Reports, View Audit Log, and Balance Verification.
4

Save the role

Click Create Role. The new role appears in the Active Roles list and is immediately available for assignment when creating or editing staff members.

Modifying an Existing Role

1

Locate the role in the Active Roles table

Find the role you want to update and click Edit under the Actions column.
2

Update the role name or description

Modify the Role Name or Description fields if needed.
3

Update permission checkboxes

Check or uncheck permission nodes to adjust what this role grants. Changes apply to all staff members currently assigned this role.
4

Save changes

Click Save Permissions. The updated permission set is applied immediately — there is no need to log staff out or restart the server.

Assigning Roles to Staff

Roles are assigned when creating or editing a staff member:
  1. Navigate to People → Staff and open the target staff member’s Edit form.
  2. Open the Role dropdown and select the appropriate role.
  3. Optionally, check or uncheck individual permissions in the Permissions grid to override the role’s defaults for this specific user.
  4. Click Save.

How Role Inheritance Works

Permission resolution follows a two-level inheritance model:
1

Role-level permissions are loaded

When a staff member logs in, the system retrieves all permissions attached to their assigned role. This forms the baseline permission set.
2

User-level overrides are applied

Any individual permissions explicitly checked on the staff member’s own profile are merged on top of the role permissions. This means individual overrides can grant additional access beyond the role, or — if a permission is explicitly unchecked — restrict access that the role would otherwise provide.
3

Navigation is filtered dynamically

The admin sidebar and page access are filtered at render time based on the final merged permission set. Attempting to load a restricted page URL directly returns a 403 Forbidden response.

Role Design Recommendations

Support Agent

Permissions: View Transactions, View Customers, View Invoices. No write access — agents can look up payments and customer details to answer queries without being able to alter records.

Finance Auditor

Permissions: View Transactions, View Reports, View Audit Log, Balance Verification. Gives full financial visibility for reconciliation without any write permissions.

Gateway Manager

Permissions: Manage Gateways, Manage Devices, Manage SMS. Scoped to payment infrastructure configuration, isolated from customer data and financial reports.

Brand Administrator

Permissions: Manage Brands, Manage Staff, Manage Settings, View Reports. Full control over a brand’s configuration and team, without access to developer credentials or system updates.
Only super-administrators should have access to the Roles & Permissions panel. Never assign Manage Staff to non-owner accounts — a user with that permission could modify their own permissions, assign themselves elevated roles, or lock out other administrators. This permission should be treated as equivalent to full system access.

Build docs developers (and LLMs) love