Organizations
An organization is your team’s workspace. It owns:- Your vendor lists (including the default
master-list) - Every assessment and its history
- Members and their roles
- Organization settings and notification preferences
Roles
Access within an organization is governed by four roles, ranked from least to most privileged. Each role includes everything below it.| Rank | Role | In one line |
|---|---|---|
| 3 | Owner | Full control, including ownership. |
| 2 | Admin | Manage the team, plus everything a member can do. |
| 1 | Member | Create and edit vendor content. |
| 0 | Viewer | Read-only. |
Permission matrix (RBAC)
VendexLabs enforces role-based access control consistently across the app and the API. The capability gates are:| Capability | Viewer | Member | Admin | Owner |
|---|---|---|---|---|
| View lists, vendors, assessments, metrics | ✅ | ✅ | ✅ | ✅ |
| Create/edit vendors, lists, assessments, evidence | — | ✅ | ✅ | ✅ |
| Manage subscribers & alert settings | — | ✅ | ✅ | ✅ |
| Invite/remove members, assign roles | — | — | ✅ | ✅ |
| Assign the owner role | — | — | — | ✅ |
Guardrails protect your organization: the last owner can’t be removed or demoted, an admin cannot assign the
owner role, and only an owner can promote someone to owner.These are organization roles. They are separate from VendexLabs platform administration, which governs global vendor data (like the shared vendor directory) and is not something customer organizations manage.
Inviting and managing people
Invite members
An admin or owner adds people by email. New members default to the Member role unless you choose otherwise.
Adjust roles
Change a person’s role as their responsibilities change. Only an owner can promote someone to owner.
Sign in & SSO
Google, Microsoft, and enterprise single sign-on.
Settings & notifications
Organization settings and who gets alerted.
