User Roles
DPP Kit uses a two-layer role system: a user role (set at registration) and an organization role (set per org membership).
User Roles
Your user role determines which credential types you can issue and how many organizations you can manage.
| User Role | Description | Max Orgs | Credential Access |
|---|---|---|---|
| Facility/Product Manager | Primary users who manage a single organization's credentials | 1 | All types |
| Practitioner | Agencies managing credentials for multiple clients | Unlimited | All types across all orgs |
| Standards Body | Issues conformity credentials (DCCs) | 1 | All types (focus on DCC) |
| Governing Body | Oversees and audits credential ecosystems | 1 | Read-only + audit |
Your user role is chosen during registration and determines the account type.
Organization Roles
Within each organization, members have an access level that controls what they can do:
| Org Role | Permissions |
|---|---|
| Admin | Full access. Can issue all credential types (DFR, DIA, DPP, DTE, DCC), manage organization settings, invite users, and revoke credentials. |
| Editor | Can issue DPP, DTE, and DCC credentials. Read-only access to DFR and DIA. Cannot manage organization settings or invite users. |
| Viewer | Read-only access to all credentials and the dashboard. Cannot issue or modify anything. |
tip
When you create an organization, you're automatically assigned the Admin role for that organization.
Role Combinations
A user's effective permissions are the intersection of their user role and org role. For example:
- A Practitioner with Admin access to Org A and Editor access to Org B can do everything in Org A but cannot create DFRs in Org B
- A Facility/Product Manager with Admin access has full control of their single organization
- A Standards Body user with Admin access will typically focus on issuing DCCs
Inviting Users
Only Admin users can invite new members to an organization. When inviting, you choose:
- Email — The invitee's email address
- User Role — Their account type (if they're a new user)
- Access Level — Their org role (Admin, Editor, or Viewer)
- Organizations — Which organizations to grant access to (relevant for practitioners managing multiple orgs)