Roles & Permissions
Vigil uses roles to control what each person can see and do. A role is assigned when a user is invited and can be changed by an Org Admin at any time.
Role overview
| Role | App | Who it's for |
|---|---|---|
| Org Admin | Web + Mobile | Your operations manager or platform administrator |
| Org Operator | Web + Mobile | Facility supervisors running day-to-day work |
| Org User | Web + Mobile | Store-level staff who report problems |
| SP Admin | Service app only | The contact person at a contractor company |
| SP Technician | Service app only | Individual repair technicians |
Org Admin
Full access to everything within the organization.
Can do:
- Create and edit sites, systems, spaces, and assets.
- Add and manage service providers (technicians, site access).
- Invite and manage all users and their roles.
- Create, assign, verify, and close issues and work orders.
- Set up PM schedules and SLAs.
- Access reports, compliance, billing, and org settings.
- Manage integrations and KPI rules.
Org Operator
Full operational access. Cannot manage users, billing, or org settings.
Can do:
- Read all assets, systems, and spaces.
- Create and update issues.
- Create, assign, and verify work orders.
- View and run reports and compliance data.
- Use the AI assistant.
Cannot do:
- Invite or remove users.
- Change roles.
- Access billing or org settings.
Org User
Read access plus issue creation. Site-restricted — limited to the specific stores they've been granted access to.
Can do:
- Read assets, issues, and work orders (at their assigned sites).
- Create issues.
- Verify (approve/reject) work orders.
- Use the AI assistant.
Cannot do:
- Create or assign work orders.
- Manage service providers.
- Access reports or org-level settings.
- See data from sites they haven't been granted access to.
SP Admin
Manages their contractor company's presence in Vigil. Service app only — cannot use the web app.
Can do:
- View work orders assigned to their company.
- Manage their own company's technicians within Vigil.
- Submit completed work for review.
Cannot do:
- View other service providers' work.
- Create issues or work orders.
- Assign or approve work.
SP Technician
Does the assigned work on site. Service app only.
Can do:
- View work orders assigned to them at their contracted sites.
- Check in and check out.
- Add session notes and evidence photos.
- Submit work for facility review.
Cannot do:
- See work orders assigned to other technicians.
- Create issues or work orders.
- Assign, approve, or reject work.
- Access equipment outside their contracted sites.
Permission quick-reference
| Permission | Org Admin | Org Operator | Org User | SP Admin | SP Technician |
|---|---|---|---|---|---|
| View assets | ✅ | ✅ | ✅ | — | — |
| Edit assets | ✅ | — | — | — | — |
| View issues | ✅ | ✅ | ✅ | — | — |
| Create issues | ✅ | ✅ | ✅ | — | — |
| Close issues | ✅ | — | — | — | — |
| View work orders | ✅ | ✅ | ✅ | ✅ (own SP) | ✅ (assigned to them) |
| Create work orders | ✅ | ✅ | — | — | — |
| Assign work orders | ✅ | ✅ | — | — | — |
| Check in / check out | — | — | — | ✅ | ✅ |
| Submit work | — | — | — | ✅ | ✅ |
| Verify (approve/reject) | ✅ | ✅ | ✅ | — | — |
| Manage service providers | ✅ | — | — | — | — |
| Invite users | ✅ | — | — | — | — |
| Manage roles | ✅ | — | — | — | — |
| View reports | ✅ | ✅ | — | — | — |
| Access billing/settings | ✅ | — | — | — | — |
Changing a role
- Go to Org Settings → Team → Current Team.
- Click the team member's row.
- Change the Role dropdown.
- Save.
Changes take effect immediately on the person's next request.
Related: Invite Users & Manage Roles