Roles and Permissions
Last reviewed: 2026-05-13
Maintained by: Engineering
Zgrid currently relies on API-enforced role and scope checks.
Primary roles
super_adminmanagertenanttechnician
Enforcement model
- route-level role checks protect entry into privileged endpoints
- service-layer scope checks protect organization, building, and user-specific access
- UI gating is helpful, but it is not the source of truth for access control
Current reference
For the current implemented capability split by role, see ../99-reference/features-inventory.md.