Learn Mokapen

User roles guide

Every user in Mokapen belongs to one or more organizations with a specific role. The role defines what you can view, create, and configure: not everyone accesses settings, not everyone invites colleagues, not everyone manages billing or security. This guide summarizes the six main roles and the increasing permissions from Guest to Admin.

Role overview

The system has 6 main roles, with increasing permissions:

1. Guest — minimum access
2. Limited User — basic access
3. User — standard access
4. Member — full access
5. Owner — administrative access
6. Admin — super-administrative access

1. Guest

What they can do

• View entities they were explicitly invited to (e.g. tasks, projects)
• See limited information on assigned activities/projects
• Receive notifications related to assigned activities

What they cannot do

• Create new entities (contacts, tasks, products, etc.)
• Modify organization data
• Access settings
• View the full list of users, contacts, or other entities
• Access advanced features

Practical examples

• Can view an assigned task, but cannot edit it
• Can view a project they were added to as a stakeholder, but cannot add other members
• Cannot access the «Settings» menu in the sidebar

2. Limited User

What they can do

• View and manage their own entities (contacts, tasks, products, etc.)
• Create new entities (contacts, companies, tasks, products, orders, etc.)
• View the list of users and teams (only those they belong to)
• Access basic features of active apps (Contacts, Sales, Activities, Tickets, etc.)
• Create connections between entities

What they cannot do

• Modify organization settings
• Manage users (invite, remove, change roles)
• Create or modify teams
• Access app settings (custom fields, columns, etc.)
• Modify organization preferences
• Manage security and integrations

Practical examples

• Can create a new contact and assign themselves as owner
• Can only see teams they belong to in the «Users and Teams» section
• Cannot modify custom fields in the Settings section
• Can create an order, but cannot modify product settings

3. User

What they can do

• Everything a Limited User can do
• Invite new users to the organization
• Manage users (view, edit, remove)
• Create and manage teams
• Modify user information

What they cannot do

• Access general organization settings
• Modify app settings (fields, columns, etc.)
• Manage security and integrations
• Modify organization preferences
• Access billing settings and premium plans

Practical examples

• Can invite a new colleague and assign them a role
• Can create a «Sales» team and add members
• Can edit an existing user's profile
• Cannot modify contact custom fields in settings
• Cannot access the «Security» section in the sidebar

4. Member

What they can do

• Everything a User can do
• Access app settings (custom fields, columns, views, etc.)
• Modify Contacts, Sales, Activities, Tickets, etc. settings
• Manage data import
• Modify general organization information
• Access advanced app features

What they cannot do

• Manage organization security (passwords, two-factor authentication, etc.)
• Modify application preferences (which apps are active)
• Manage billing and premium plans
• Manage data export
• Access advanced integrations
• Delete the organization

Practical examples

• Can customize contact fields (add custom fields)
• Can modify visible columns in the product list
• Can import a CSV file of contacts
• Can modify the organization name and details
• Cannot change the organization's premium plan
• Cannot modify security settings

5. Owner

What they can do

• Everything a Member can do
• Manage organization security
• Modify application preferences (enable/disable apps)
• Manage billing and premium plans
• Access integrations
• Delete the organization
• Manage whitelabel (if available)

What they cannot do

• Access features reserved for Admins (if any)

Practical examples

• Can enable or disable the «Sales» app in preferences
• Can change the plan from Free to Premium
• Can configure the Fatture in Cloud integration
• Can modify security settings (password policy, 2FA, etc.)
• Can delete the organization (with confirmation)

6. Admin

What they can do

• Everything an Owner can do
• Full access to all features
• Manage partner features (if available)
• Access Developer features (if available and on a Large plan or higher)

Notes

In the seed system, Admin and Owner have the same permissions. The difference may be implemented at the business logic level or for future features.

Practical examples

• Can access the «Partner» section (if the organization is a partner)
• Can access the «Developer» section for API and webhooks (with a Large plan or higher)
• Has full access to all features without restrictions

Quick feature comparison

Important notes

• Permissions may vary based on the organization's Premium plan (Free, Small, Medium, Large, Extra Large)
• Some features require both the appropriate role and the necessary Premium plan
• Team-level permissions can further restrict access to specific resources
• Apps must be enabled in organization preferences to be accessible

Frequently asked questions

Q: Can a Limited User edit a contact created by another user?

A: It depends on privacy settings and specific permissions. Generally they can only edit entities they own or are a stakeholder of.

Q: Can a Member delete the organization?

A: No, only Owner and Admin can delete the organization.

Q: Can a User see all users in the organization?

A: Yes, a User can view the full list of users, while a Limited User only sees teams they belong to.

Q: What is the difference between Owner and Admin?

A: In the base system they are equivalent. Admin may have access to additional features such as Partner and Developer if configured.