Permissions follow the pattern module:action:resource. For background on the model, see Permissions and roles.
| Permission | What it allows |
|---|---|
relationships:read:contacts |
View contacts, organisations, and things |
relationships:write:contacts |
Create, edit, and delete contacts, organisations, and things |
relationships:read:touchpoints |
View touchpoint activity on contacts |
relationships:write:touchpoints |
Log new touchpoints against contacts |
relationships:read:fundraisingactivities |
View fundraising activities and payments |
relationships:write:fundraisingactivities |
Create, edit, and delete fundraising activities and payments |
relationships:admin:settings |
Manage touchpoint type definitions and communications consent settings |
relationships:manage_contact_access |
Restrict which teams or users can see specific fields on a contact |
account:read:team |
View team members and their permissions |
account:admin:team |
Add or remove members and grant or revoke permissions |
account:read:teams |
View teams and membership |
account:write:teams |
Create, rename, and delete teams; manage members |
sysadmin:admin |
Full platform administration — reserved for ThirdSectorBee staff |
tickettailor:settings:change |
Configure the TicketTailor integration and manage event-to-activity mappings |
tickettailor:sync:initiate |
Trigger a sync from TicketTailor (full or scoped to a single event) |
sysadmin:admincannot be assigned through the workspace settings UI. It is granted to platform staff only.
See your own permissions
Go to Settings → Permissions. Your permissions are grouped by workspace.
Who can change permissions
Only users with account:admin:team can change permissions for other users. If you believe you are missing a permission, contact your workspace administrator.