> ## Documentation Index
> Fetch the complete documentation index at: https://docs.theubik.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Users and access

> Manage workspace access, approval authority, and role expectations for reviewed operations.

Admins control who can enter the workspace, which account they use, what source context they can inspect, and what decisions they are allowed to approve.

## User types

| User            | Typical responsibility                                                          |
| --------------- | ------------------------------------------------------------------------------- |
| Operator        | Reviews daily queue items and approves routine actions within scope.            |
| Reviewer        | Checks sensitive margin, finance, customer, compliance, or writeback decisions. |
| Admin           | Manages workspace access, integrations, role scope, and escalation paths.       |
| Founder or lead | Reviews adoption, ROI, workflow expansion, and risk-control decisions.          |

## Access checklist

* Confirm the user's work email and identity provider.
* Add the user to the correct workspace and role.
* Set expectations for what the user can inspect, approve, assign, and escalate.
* Confirm who owns exceptions outside the user's authority.
* Remove access when a user changes role or leaves the team.

## Good policy

Keep approval authority narrower than read access. A user may need to inspect a workflow without being allowed to approve a sensitive action.

## When access fails

Ask the user for the email used, provider selected, timestamp, and final error state. Then check workspace membership and SSO status.
