Skip to main content
Tandem uses roles and permission groups to control access across your organization.

Roles

Every organization member has a role:
RoleWhat they can do
AdminManage members, groups, programs, and org settings. Access all programs.
MemberAccess assigned programs. Create and edit data within those programs.

Permission groups

For finer control, create permission groups to organize members and manage program access in bulk.

How groups work

  1. Create a group — Give it a name (e.g., “Mechanical Team”, “Program Alpha”)
  2. Add members — Assign organization members to the group
  3. Assign programs — Grant the group access to specific programs
Members inherit access to all programs assigned to their groups. A member can belong to multiple groups.

Managing groups

From the Admin Center > Groups tab:
  • Create, rename, or delete groups
  • Add or remove members from a group
  • Assign or revoke program access for a group

Inviting members

Admins can invite new members by email from the Admin Center. The invite sends a link that lets the person create an account and join the organization. You can also generate invite codes for broader distribution.