The five roles
BitBooks has five roles, ordered from most powerful to least:
| Role | Power level | Typical use |
|---|---|---|
| Owner | Top | The founder or principal of the business |
| Admin | Almost top | Co-founder, CFO, anyone who needs to configure everything |
| Accountant | Books-focused | External CPA, fractional CFO, controller |
| Member | Day-to-day | In-house bookkeeper, junior accounting staff |
| Viewer | Read-only | Investor, board member, partner, auditor reviewing |
You assign one role per user per organization. A user can be Owner in one org and Viewer in another.
What each role can do
Owner
Everything. There's only one Owner per organization, and they can:
- Access every screen
- Edit every setting
- Invite, change, and remove users
- Promote anyone (including transferring Ownership to someone else)
- Delete the organization (this is one of the few actions only the Owner can do)
You can transfer Ownership to another user via the Users page if needed (e.g., business sold, founder leaves).
Admin
Same as Owner, except:
- Can't delete the organization
- Can't transfer Ownership
For 99% of day-to-day decisions, Admin = Owner. Use Admin for co-founders, CFOs, and other senior team members. Use Owner only for the actual principal.
Accountant
Full access to the books, but limited on configuration:
- Can post any transaction or journal entry, including in any currency, including reversals
- Can run all reports
- Can close periods
- Can manage chart of accounts
- Cannot change organization settings (functional currency, framework, etc.)
- Cannot invite or manage users
- Cannot delete or archive the organization
Use for external CPAs, fractional controllers, and anyone whose job is the books but who shouldn't touch the org configuration.
Member
Day-to-day bookkeeping:
- Can create and edit transactions and journal entries
- Can review and post Drafts
- Can run reports (read-only)
- Cannot delete or reverse posted entries
- Cannot close periods
- Cannot manage chart of accounts (only view it)
- Cannot manage users
- Cannot change settings
Use for in-house bookkeepers, junior accounting staff, anyone doing data entry.
Viewer
Read-only across the board:
- Can run reports
- Can browse transactions and balances
- Cannot create, edit, post, or reverse anything
- Cannot manage anything
Use for investors, board members, business partners, auditors who just need visibility.
What every role can do
A few things every role has:
- Sign in with their own email and password
- See the organization name and basic identity
- Switch to other organizations they belong to
- Change their own profile (their name, avatar, password, 2FA setup)
The minimum sign-in privilege is Viewer. There's no role lower than Viewer.
Picking the right role
A simple decision tree:
- Is this person the principal owner of the business? → Owner
- Are they a senior team member who should be able to configure the org? → Admin
- Are they an accounting professional who needs full books access but shouldn't change configuration? → Accountant
- Are they a junior bookkeeper or data entry person? → Member
- Are they a stakeholder who just needs visibility? → Viewer
When in doubt, pick the lower role. Demoting someone is harder than promoting (psychologically and practically). Start small and promote when you're confident.
Approval thresholds and roles
If your organization uses approval thresholds (transactions above a certain amount require approval), the approver roles are:
- Owner: can approve
- Admin: can approve
- Accountant: can approve
- Member: cannot approve (their own submissions need approval)
- Viewer: cannot approve (and can't submit either)
So a Member submitting a $10,000 transaction needs an Admin or Accountant to sign off before it posts.
Changing someone's role
- Admin → Users
- Click the user
- Change role
- Save
The change applies on their next page load (or immediately, if they're not actively using the system).
If they're mid-task and you demote them, the in-progress action might fail. Talk to them ahead of time when possible.
What roles can do across organizations
Roles are per-organization. So:
- A user can be Member in Org A and Admin in Org B
- Switching organizations switches their effective role
- Their account list shows all orgs they belong to with their role in each
The role doesn't follow them; it's tied to the org membership.
A worked example
You run a small Bitcoin business. Your team:
| Person | Real role | BitBooks role |
|---|---|---|
| You (founder) | CEO | Owner |
| Co-founder (CTO/COO) | Operations | Admin |
| External CPA | Tax + monthly close | Accountant |
| In-house bookkeeper | Day-to-day | Member |
| Lead investor | Quarterly review | Viewer |
Each person can do exactly what their job requires. The CPA can post adjustments without needing to change settings. The bookkeeper can do daily entry without being able to change the framework. The investor can run reports without any risk of changing data.
This is the typical small Bitcoin business setup.
Common questions
"What if I'm a solo operator with no team?"
You're the Owner. No other roles needed. You'll handle everything yourself. When you grow, add team members one at a time and pick the role per person.
"Can I have two Owners?"
No. One Owner per organization. The closest equivalent is two Admins (which gives both equivalent power except for the delete-org and transfer-ownership actions).
"Can I limit a Member to specific wallets?"
Not yet. Today, Members have access to all wallets in the organization. Per-wallet permissions are on the roadmap.
"What happens to a user's actions if I remove them?"
The actions stay in the audit log with their name. Only their access to the organization ends. They can't sign in or take new actions, but historical actions remain.
Where to go next
- Inviting Team Members for the invite process
- Two-Factor Authentication for hardening sign-in
- Multiple Organizations for managing several
- Setting Spending Limits per Wallet for approval threshold setup
- Activity Log to see what each user has done