The Company Accounts section in the sanctions.io Portal allows you to manage all user access within your organization. From here, you can invite new team members, assign or update their roles, and remove users who should no longer have access.
This feature ensures each team member has the appropriate permissions to perform their work while maintaining strong access control and account security.
Topics Covered
→ User Roles and Permissions Overview
User Roles and Permissions Overview
sanctions.io supports five user roles: Owner, Administrator, Compliance, Integration, and Auditor. Each role is designed to align with typical operational responsibilities within an organization.
1. Owner
The Owner has the highest level of access and oversight, and this role is unique — each account can have only one Owner. This role is typically assigned to the primary account holder or the individual responsible for overall account ownership.
Permissions include:
- Full access to application features and sections included in the organization’s subscription plan
- Full control over user management
2. Administrator
Admin has broad administrative capabilities but does not hold the unique privileges of the Owner. This role is typically assigned to team leads or individuals responsible for managing day-to-day account operations.
Permissions include:
- Full access to application features and sections included in the organization's subscription plan
- Ability to support configuration and operational setup across the account
User management permissions:
- Allowed: Managing Compliance, Integration, and Auditor users
- Not allowed: Managing Admin users (Owner-only permission)
3. Compliance
The Compliance role is designed for users who regularly perform screening and monitoring activities as part of their compliance workflow.
Permissions include:
-
Full access to the Screening Portal features
-
Full access to the Monitoring Portal features
-
Limited access to Account Management
4. Integration
The Integration role is designed for developers who build and maintain the systems that interact with the sanctions.io application. It focuses on providing the access needed to configure and manage integrations while restricting operational screening capabilities.
Permissions include:
- Access to API Settings, including:
- API token creation and management
- Webhook setup and configuration
- Ability to implement, test, and maintain API-based integrations
- Limited access to Account Management
5. Auditor
The Auditor role is ideal for users who require visibility, audit, and reporting access to monitoring activities without the ability to perform operational changes.
Permissions include:
- Full access to Screening Portal features
- Limited access to the Monitoring Portal, including:
- Reviewing and auditing alerts
- Downloading reports
- Cannot add or delete monitoring entries
- Limited access to Account Management
User Roles Comparison
| Permission / Capability | Owner | Admin | Compliance | Integration | Auditor |
|---|---|---|---|---|---|
| Unique role | ✅ Yes | ❌ No | ❌ No | ❌ No | ❌ No |
| Dashboard access (screening requests) | ✅ Yes | ✅ Yes | ❌ No | ❌ No | ❌ No |
| Account Management access | ✅ Full | ✅ Full | ⚠️ Limited | ⚠️ Limited | ⚠️ Limited |
| Invite / remove users | ✅ All roles | ⚠️ Auditor, Compliance, Integration | ❌ No | ❌ No | ❌ No |
| Assign or modify user roles | ✅ Yes | ⚠️ Auditor, Compliance, Integration | ❌ No | ❌ No | ❌ No |
| API Settings | ✅ Yes | ✅ Yes | ❌ No | ✅ Yes | ❌ No |
| Screening Portal access | ✅ Full | ✅ Full | ✅ Full | ❌ No | ✅ Full |
| Monitoring Portal access* | ✅ Full | ✅ Full | ✅ Full | ❌ No | ⚠️ Read-only |
| Manage monitoring entries | ✅ Yes | ✅ Yes | ✅ Yes | ❌ No | ❌ No |
| Audit monitoring alerts | ✅ Yes | ✅ Yes | ✅ Yes | ❌ No | ✅ Yes |
| Download reports | ✅ Yes | ✅ Yes | ✅ Yes | ❌ No | ✅ Yes |
*Monitoring Portal access depends on the organization's subscription plan.
Managing Users
Invite a New User
- Go to the Account Management section in the menu, then scroll down to the Company Accounts dashboard.
- Click Invite User.
- Enter the new user's email address.
- Choose the appropriate role and other permissions (if available in your subscription plan)
- Send the invitation.
The invited user will receive an email prompting them to set up their account. Upon completing account setup, the user's status will automatically transition from "Invited" to "Active" in the dashboard.
Change the User's Role
1. In the Company Accounts dashboard, locate the user you want to update.
2. Click Edit Role in the Actions column.
3. Select the new role you wish to assign and Save.
Permissions update instantly after the change.
Delete a User
- In the Company Accounts dashboard, locate the user you want to remove.
- Click Delete User in the Actions column.
- Confirm the action.
Once removed, the user will no longer be able to access the company account.
Warning: This action cannot be undone. Reinvite the user to restore access.
We're here to help!
If you have any questions or need more help, please contact our support team anytime!
-
Chat: Available directly through the Portal and Help Center page
-
Email: help@sanctions.io