Roles & Permissions
SOPHIE uses a hierarchical role-based access control (RBAC) system to manage what team members can see and do.
Role structure
Roles in SOPHIE form an organizational tree:
- Each role has a parent role (except the top-level role)
- Roles can have child roles beneath them
- The hierarchy depth determines the management chain
Role properties
| Property | Description |
|---|---|
| Role Key | Immutable identifier (e.g., office-manager) |
| Name | Editable display name (e.g., "Office Manager") |
| Parent Role | The role above this one in the hierarchy |
| Can Approve | Whether users with this role can approve SOPs |
| Approval Priority | Order in which approvers are contacted |
| Is Management Role | Marks the role as part of the management chain |
Creating roles
From Settings > Roles:
- Click Add Role.
- Set the role name and key.
- Choose the parent role to position it in the hierarchy.
- Configure approval permissions if applicable.
Permission sets
Permission sets control feature access based on your subscription tier:
| Permission Set | Features |
|---|---|
| Free | View SOPs, basic acknowledgements |
| Professional | Create/edit SOPs, workflows, team management, comments |
| Enterprise | AI features, gap analysis, action items, Practice OS, analytics, advanced admin |
Permission sets are assigned at the user level from Settings > People.
User role assignments
Each user can be assigned:
- One or more roles within the workspace
- A department association per role
- A manager relationship (who they report to)
- Direct reports (who reports to them)
Delegation
Users with management roles can delegate their responsibilities to another team member. This is useful when a manager is on vacation or otherwise unavailable. See Out of Office for details.
Viewing your permissions
Team members can see their own role assignments from Settings > My Roles.