AssembleyAssembley
PricingSecurityAbout

Roles and Permissions

How access works in Assembley — organisation administrators who manage voters and run assemblies, and the platform-level oversight role — so you can give colleagues the right level of access.

When more than one person helps run your assemblies, you need to control who can do what. Assembley uses roles to grant access at the right level — enough to be useful, not more than necessary. This article explains the model so you can set your team up sensibly.

Organisation administrators

The people who run your organisation in Assembley are administrators. An administrator can manage your voter register, create and configure assemblies, take them live, and access results and evidence. This is the role most of your team will have — the people who actually prepare and run meetings.

Because administrators can change the register and run meetings, grant the role deliberately: give it to the people responsible for governance and assembly administration, and review the list periodically. See Managing Your Account.

Platform-level oversight

Separately from your organisation's administrators, Assembley has a platform-level oversight role used for operating the service itself. This is distinct from your organisation's day-to-day administration and isn't something you assign to ordinary team members — it exists at the level of the platform, not your account.

Principle: least privilege

A good rule for any access model is least privilege — give each person the minimum access they need to do their job, and no more:

  • Add colleagues who genuinely help run assemblies as administrators.
  • Remove access promptly when someone changes role or leaves.
  • Treat the ability to edit the register and run live meetings as significant, because those actions shape the official record.

Access and the integrity of the record

It's worth noting that access controls and the integrity of the record are two different protections. Even an administrator cannot quietly rewrite a concluded vote — the record is immutable and tamper-evident regardless of who is logged in. So roles govern who can operate the platform, while integrity mechanisms govern whether the record can be altered (it can't). See How Vote Integrity Is Protected.

Where to go next

See Managing Your Account for adding colleagues and Data Privacy and GDPR for how personal data is handled.

Related articles