Roles and Permissions in Wiv

Modified on Sun, 1 Feb at 11:53 AM

Roles and Permissions in Wiv

This article explains the different roles available in Wiv and the permissions associated with each role. The roles are divided into two main categories:

Standard Roles
MSP (Managed Service Provider) Roles

The goal of this model is to provide clear separation of responsibilities, strong security boundaries, and flexibility for organizations managing their own Cloud environments as well as MSPs managing multiple customer organizations.

Standard Roles

These roles are typically used by organizations managing their own Cloud environment.

Admin

The Admin role has full control over the organization and its configuration.

Permissions include:

Full access to all dashboards and cases
Manage organization settings and metadata
Invite, remove, and manage users
Change user roles
Manage integrations and API keys
Configure Enterprise SSO
Full access to workflows, templates, and system settings
Read activity logs and approvals

Who should use this role:

Account owners
Platform administrators

Editor

The Editor role is designed for power users who actively configure and operate Wiv, but should not manage users or high-risk organization settings.

Permissions include:

View and edit dashboards
Read cases and cost insights
Create and edit workflows
Read integrations and datastores
Access support features
Read activity logs

Limitations:

Cannot manage organization members
Cannot change roles or org-level security settings

Who should use this role:

FinOps engineers
Platform operators

Member

The Member role provides read-focused access with limited ability to make changes.

Permissions include:

View dashboards and cases
Read workflows and templates
Read integrations and cost data
Access home and support views

Limitations:

No edit access to dashboards or workflows
No user or organization management

Who should use this role:

Finance stakeholders
Engineering managers

Guest

The Guest role is the most restricted role and is typically used for limited or external access.

Permissions include:

Very limited or read-only access
No access to sensitive cost, org, or workflow data by default
This is the default role assigned to a user who is added to the platform without being explicitly assigned another role

Who should use this role:

External viewers

MSP Roles

MSP roles are designed for Managed Service Providers that manage multiple customer organizations within Wiv. These roles provide a clear separation between MSP-level control and customer-level access.

MSP-Admin

The MSP-Admin role has broad control across multiple customer organizations.

Permissions include:

Create and manage customer organizations
Access customer dashboards and cases
Manage organization metadata and settings at the customer level
Invite and manage users within customer organizations
Configure Enterprise SSO for customers
Manage workflows across customer accounts
Access activity logs and approvals

Who should use this role:

MSP platform administrators
Central FinOps teams

MSP-Customer-Admin

This role is intended for administrators within a specific customer organization managed by an MSP.

Permissions include:

Manage organization settings for a specific customer
Manage users within that customer organization
Access dashboards, cases, and workflows

Who should use this role:

Customer-side administrators under an MSP

MSP-Customer-Editor

The MSP-Customer-Editor role allows active operation within a specific customer organization without user or organization management privileges.

Permissions include:

View and edit dashboards
Read cases and cost insights
Read and execute workflows
Read access to integrations and datastores

Limitations:

Cannot manage users
Cannot modify org-level security settings

Who should use this role:

MSP operators working hands-on with customer accounts

MSP-Customer-Viewer

The MSP-Customer-Viewer role provides read-only access scoped to a specific customer organization.

Permissions include:

View dashboards and cases
Read cost and usage insights
View workflows and reports

Limitations:

No edit or management permissions

Who should use this role:

Customer stakeholders
Read-only MSP access

If you have questions about which role best fits your use case or need help designing role assignments for your organization or MSP structure, contact the Wiv support team.