Access Control
Role matrix
Server-enforced role gates for every portal surface and API boundary.
| Role | Default portal | Allowed | Restricted |
|---|---|---|---|
| Employee | /m | Punch in/out, leave request, personal timeline | Billing, owner portal, super portal, tenant management |
| HR Admin | /app/projects | Employees, attendance, leave, payroll export, settings | Owner tenant controls, super admin controls |
| Owner / MSP | /owner, /msp | Tenant list, usage, read-only impersonation, exports | Super-admin only actions |
| Super Admin | /super | Platform health, license QA controls, global tenant oversight | Customer-tenant write actions outside approved controls |
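
One way to enforce the portal column server-side is sketched below. It is an added example, not the product's own code: the role keys, the function names and the sample paths in the usage note are assumptions, and only the portal prefixes come from the matrix. The gate denies by default and compares whole path segments, because `/m` is a string prefix of `/msp` and a raw prefix check would admit an Employee to the MSP portal.

```python
# Added example: prefixes are the matrix's default portals; role keys are assumed names.
PORTALS = {
    "employee": ("/m",),
    "hr_admin": ("/app/projects",),
    "owner_msp": ("/owner", "/msp"),
    "super_admin": ("/super",),
}


def naive_is_allowed(role, path):
    """Flawed gate kept for contrast: raw string-prefix match on the raw path."""
    return any(path.startswith(p) for p in PORTALS.get(role, ()))


def canonical_segments(path):
    """Split a request path into segments, resolving '.', '..' and repeated '/'.

    Returns None for relative paths, backslashes, or '..' that climbs above the root.
    """
    if not path.startswith("/") or "\\" in path:
        return None
    out = []
    for seg in path.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if not out:
                return None
            out.pop()
        else:
            out.append(seg)
    return out


def is_allowed(role, path):
    """Default-deny gate: whole-segment prefix match on the canonical path."""
    segs = canonical_segments(path)
    if segs is None:
        return False
    for prefix in PORTALS.get(role, ()):
        want = prefix.strip("/").split("/")
        if segs[:len(want)] == want:
            return True
    return False
```

With the constructed paths `/msp/tenants` and `/m/../super`, `naive_is_allowed("employee", ...)` returns `True` for both, while `is_allowed` returns `False`.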