TLDR: The Thirdfort platform has three user types with different permissions: Admins, who manage the organisation and user roles; Creators, who can initiate checks and review reports; and Viewers, who can only review reports and cannot initiate verifications. User types are assigned by organisational admins.
User Types & Roles on Thirdfort
Thirdfort has eight roles: Org Admin, Compliance Admin, Team Admin, Creator, Viewer, Review Initiator, Reviewer, and Review Admin, each with different levels of access to platform features and settings.
Each Thirdfort user is assigned a role that determines their access to platform features and settings.
An Organisational Admin must assign a role to every platform user. The role a user holds controls what they can see and do within the platform.
Organisational Admins
Organisational Admins have the highest permission level within an organisation. An Organisational Admin can:
- Manage all aspects of the organisation
- Add and remove users
- Assign roles and permissions to users
- Configure organisation, brand and team settings
- Add and remove teams
- Send a check for review
Compliance Admin
Compliance admins have the highest permission level for reviews and tasks across the entire organisation. They can:
- Assign review initiator, reviewer and review admin roles to users.
- View all checks, action check results, send checks for review and review checks themselves.
Team Admin
Team Admins are assigned by an Org Admin for a specific team. A Team Admin can:
- Manage all aspects of their team, including name, description and settings
- Configure their team's access to products and features (limited to products approved at organisation level)
- Add, remove and assign roles to users within their team — Team Admins cannot add or remove users from the platform
- Run checks and action check results
Creator
Creators can initiate checks, review reports and access the platform based on the permissions assigned by their organisation's admins.
Viewer
Viewers can review reports and access the platform based on the permissions assigned by their organisation's admins. Viewers cannot initiate verifications from the Thirdfort platform.
Review Initiator
Review Initiators can send a check for review. They can add commentary and select which reviewer should receive the check.
Reviewer
Reviewers can receive checks sent for review, view the check result and any commentary from the Review Initiator, and make a decision on the check.
Review Admin
Review Admins have all the permissions of a Review Initiator and Reviewer, and can also add new Reviewers and Review Initiators to the platform.
Permissions overview
| Permission | Org Admin | Team Admin | Creator | Viewer | Review Initiator | Reviewer | Review Admin | Compliance Admin | Permission |
| Manage organisation settings | Full | No | No | No | — | — | — | Manage organisation settings | |
| Manage teams | Full | Limited | No | No | — | — | — | Manage teams | |
| Manage users | Full | Limited | No | No | — | — | — | Manage users | |
| Run checks | Full | Full | Full | No | — | — | — | Run checks | |
| View check results | Full | Full | Full | View only | — | Full | Full | Full | View check results |
| Action check results | Full | Full | Full | No | — | — | — | Full | Action check results |
| Send checks for review | Full | — | No | No | Full | No | Full | Full | Send checks for review |
| Review checks | Full | — | No | No | No | Full | Full | Full | Review checks |
This guide is for Thirdfort Clients using the new CDD platform. This article may not apply if you have not yet been migrated to the new platform or access Thirdfort via a partner or reseller.