User Types, Roles, and Permissions
Overview
At Denari, each user has a role that determines what they can and cannot do in the system. These roles help us manage who can view, edit, or delete information in projects, and ensure that the right team members have the right level of access.
This guide explains how user roles work, how project access is granted, and how group based restrictions (such as CAS vs. Tax) help maintain clear responsibilities.
Identifying a Roles & Perms Restriction
A roles and permissions restriction is likely in place if:
A button or action appears unclickable (disabled).
A button or action is completely hidden.
A user or engineer reports that someone else can perform an action they cannot.
Key points:
Users only have editing access to projects they are assigned to.
Admin and Advanced Users have broader access across projects, but only Admins can manage user accounts and settings.
This document is here to help you understand what actions you're allowed to take in Denari, depending on your role and project assignment.
User Types
Each user in Denari is assigned a User Type, which defines their base level of access:
User
Regular users with the least permissions.
Admin
In addition to being able to do everything a User can. Admins can delete and unlock projects and also access the Admin Dashboard to manage users in their Firm.
Project Role Assignments
In addition to their User Type, users must be assigned to specific projects to gain editing rights.
Preparer
Can fully edit the project, upload documents, make entries, and tie out balances.
Reviewer
Same access as Preparer, with the added ability to mark projects ready for review.
Unassigned
Can view the project but cannot make changes. This includes downloading reports and documents.
Permissions Matrix
View projects
✅
✅
Download documents
✅
✅
Export trial balances
✅
✅
Upload, edit, replace, or delete documents
✅
✅
Ignore or reconcile lines
✅
✅
Sync from QBO
✅
✅
Create or edit accounts in the Chart of Accounts (CoA)
✅
✅
Create or edit journal entries
✅
✅
Edit project name, period, or duration
✅
✅
Update project users
✅
✅
Delete projects
❌
✅
Delete clients and entities
❌
❌
Full access (override all restrictions)
❌
❌
Summary
Users must be assigned to a project as a Preparer or Reviewer to make changes.
Users with no role on a project always have read-only access, regardless of their User Type.
Group Tags (CAS and Tax) enforce team-based access restrictions.
Admins can manage project users and delete projects, even if they are not project users.
Admins can add and delete firm users in their admin dashboard.
If you need to delete clients or entities reach out to someone on the Denari Team
Last updated