Role-based access control (RBAC) is a foundational security model in the Thena platform that ensures users have appropriate access based on their responsibilities and organizational hierarchy. This system protects sensitive operations while enabling efficient collaboration.
The Thena platform implements a progressive access model with five distinct user roles, each designed for specific use cases and access requirements

User roles and permissions

The Thena platform provides five user roles, each with specific access levels and capabilities. Use the tabs below to explore each role in detail:
Organization administrators have comprehensive access to manage their organization’s resources, settings, and members. This is the highest level of access within an organization.

Role comparison matrix

The following table shows which features are available to each role:
FeatureOrg adminOrg userLite userCustomer adminCustomer user
Ticket Management
Create tickets
View all tickets
View assigned tickets
Update ticket status
Assign tickets
Delete tickets
Escalate tickets
Account Management
Create accounts
View accounts
Update accounts
Manage customer contacts
Add account notes
Team Management
Create teams
View teams
Add team members
Configure team settings
Manage routing rules
System Configuration
Manage ticket types
Configure custom fields
Set up tags
Manage forms
User Management
Send invitations
Manage user permissions
Configure notifications
Personal Settings
Update profile
Configure preferences
Set availability
Customer Portal
Access customer portal
Configure portal settings
Use help center
Billing & Subscriptions
View billing
Manage subscriptions
Access billing portal

Common access scenarios

Here are typical scenarios for role assignment and user access management:
Scenario: A new employee joins your organization and needs access to the platform for daily work.
1

User registration

New employee creates an account or receives an invitation to join the organization
2

Role assignment

Organization admin assigns the org user role, providing complete operational access
3

Team assignment

Admin adds the user to relevant teams, granting team-specific access and permissions
4

Ready to work

User can now manage tickets, accounts, and collaborate with team members effectively
Most new team members should start with the org user role as it provides the right balance of access for daily operations without administrative privileges.