Roles allow you to set access for members at the organization level. Each role provides unique access to help you set who can manage settings for an organization.
By default, all users in an organization are an organization member, which allows them to be added to a workspace. Based on the role assigned, people may receive emails with updates or important information.
Roles at the organization level are different than roles at the workspace level. To learn more about roles at the workspace level, see Workspaces roles.
Types of organization roles
There are several different roles available at the organization level, each with their own level of access.
-
Organization Member is assigned by default to all members of an organization and allows users to be added to a workspace. Only admin users that are assigned a role will have an Org Role.
-
Org User Admins can add, remove, update and view users in your organization, manage organization settings, and view organization activities.
-
Org Workspace Admins can manage all workspaces, workspace settings, members, roles, and groups, create new workspaces, view all activity in all workspaces, and view organization activities.
-
Org Security Admins can view, update, and manage organization security settings, such as password settings, connector enablement, access restrictions, SAML single sign-on, and organization activities.
- Org Chain Security Admins can manage all connector settings and runners from the Org Admin panel. It must be paired with either the Chain Builder, Chain Security Admin, or Chain Owner role.
-
Data Access Admins can create and manage database partitions for an organization. This is only applicable for organizations using the database and is reserved for Workiva Support Users.
- The Generative AI User role gives users access to the Workiva Generative AI feature in the workspaces where Workiva Gen AI is enabled.
To learn more about applying a role at the organization level, see Update an organization role.
Actions available for Org Admins
The table below shows what each admin role can do at the organization level:
| Org User Admin | Org Workspace Admin | Org Security Admin | |
| Add users to the organization | |||
| Resend welcome email | |||
| Reset user passwords | |||
| Update users details | |||
| Export a list of users | |||
| Remove users from the organization | |||
| Manage sign-in and session options | |||
| Set access restrictions | |||
| Manage single sign-on settings | |||
| Manage encryption keys | |||
| Manage identity providers | |||
| Manage organization settings | |||
| View organization activities | |||
| Export organization activities | |||
| Create new workspaces | |||
| View all workspaces |