Roles and Permissions in Wiv
This article explains the different roles available in Wiv and the permissions associated with each role. The roles are divided into two main categories:- Standard Roles
- MSP (Managed Service Provider) Roles
Standard Roles
These roles are typically used by organizations managing their own Cloud environment.Admin
The Admin role has full control over the organization and its configuration. Permissions include:- Full access to all dashboards and cases
- Manage organization settings and metadata
- Invite, remove, and manage users
- Change user roles
- Manage integrations and API keys
- Configure Enterprise SSO
- Full access to workflows, templates, and system settings
- Read activity logs and approvals
- Account owners
- Platform administrators
Editor
The Editor role is designed for power users who actively configure and operate Wiv, but should not manage users or high-risk organization settings. Permissions include:- View and edit dashboards
- Read cases and cost insights
- Create and edit workflows
- Read integrations and datastores
- Access support features
- Read activity logs
- Cannot manage organization members
- Cannot change roles or org-level security settings
- FinOps engineers
- Platform operators
Member
The Member role provides read-focused access with limited ability to make changes. Permissions include:- View dashboards and cases
- Read workflows and templates
- Read integrations and cost data
- Access home and support views
- No edit access to dashboards or workflows
- No user or organization management
- Finance stakeholders
- Engineering managers
Guest
The Guest role is the most restricted role and is typically used for limited or external access. Permissions include:- Very limited or read-only access
- No access to sensitive cost, org, or workflow data by default
- This is the default role assigned to a user who is added to the platform without being explicitly assigned another role
- External viewers
MSP Roles
MSP roles are designed for Managed Service Providers that manage multiple customer organizations within Wiv. These roles provide a clear separation between MSP-level control and customer-level access.MSP-Admin
The MSP-Admin role has broad control across multiple customer organizations. Permissions include:- Create and manage customer organizations
- Access customer dashboards and cases
- Manage organization metadata and settings at the customer level
- Invite and manage users within customer organizations
- Configure Enterprise SSO for customers
- Manage workflows across customer accounts
- Access activity logs and approvals
- MSP platform administrators
- Central FinOps teams
MSP-Customer-Admin
This role is intended for administrators within a specific customer organization managed by an MSP. Permissions include:- Manage organization settings for a specific customer
- Manage users within that customer organization
- Access dashboards, cases, and workflows
- Customer-side administrators under an MSP
MSP-Customer-Editor
The MSP-Customer-Editor role allows active operation within a specific customer organization without user or organization management privileges. Permissions include:- View and edit dashboards
- Read cases and cost insights
- Read and execute workflows
- Read access to integrations and datastores
- Cannot manage users
- Cannot modify org-level security settings
- MSP operators working hands-on with customer accounts
MSP-Customer-Viewer
The MSP-Customer-Viewer role provides read-only access scoped to a specific customer organization. Permissions include:- View dashboards and cases
- Read cost and usage insights
- View workflows and reports
- No edit or management permissions
- Customer stakeholders
- Read-only MSP access
If you have questions about which role best fits your use case or need help designing role assignments for your organization or MSP structure, contact the Wiv support team.