search

Role-Based Access Control (RBAC)

Marco uses Role-Based Access Control (RBAC) to manage how customers and vendors interact with data, portals, and permissions within the system.

hashtag
User Roles

There are two main user roles in Marco:

  • Customer User - A user under a customer.

  • Vendor User - A user under a vendor.

hashtag
Customer User Access

Customer users can be granted one or more types of access permissions that determine their capabilities within Marco.

Access Type
Description

Admin Access

Provides full visibility and control over all customer data, including access to the admin portal.

Payroll Access

Grant visibility into payroll and salary data of staff.

Time Access

Allows management of staff leave balances and time off records.

Only Manager-level users can be assigned these access permissions.

If a manager has Admin Access, they can view and edit all staff data. Visit Access and Rolearrow-up-right to view manager access level in Marco.

hashtag
Customer User Types

Marco defines three customer user types, which determine the role and scope of each user's actions.

User Type
Description

Manager

Can manage staff data. Access level depends on assigned permissions.

Staff

Can request leave, submit expenses, and manage their own personal data.

Intern

Typically students or temporary workers. Cannot be hired as regular employees, but can be engaged as independent contractors (ICs).

hashtag
Customer User Profile Type

Each customer user type may have one of the following profile combinations, which controls which portals they can access.

  • Staff Only - Can view only their Personal Portal.

  • Manager & Staff - Can access both Manager Portal and Personal Portal.

  • Manager Only - Can view only the Manager Portal.

  • Intern - Can view only the Personal Portal.

hashtag
Vendor Access and Role

Vendor users represent external partners or service providers who operate under the vendor organization in Marco.

hashtag
Vendor Types

  • Platform vendor - A vendor with their own Marco platform.

  • Partner Vendor - A vendor added user a platform vendor's ecosystem.

hashtag
Vendor User Profile Types

A single vendor may have multiple vendor users with different permissions.

User Type
Description
Customer Portal
Vendor Portal

Vendor Admin

Manage customers, partners, services, and vendor users. Has full access to the platform.

Can access all customers' portals.

Has access.

General Vendor User

Can access only their assigned customers and assigned staff.

Can access assigned customer portals only.

No access.

PreviousIntroductionNextAuthentication

Last updated