Platform

Teams, Roles & Permissions

Organize your team by site, department, or function. Control what each role can see and do. Corporate sees everything — sites see their own data.

User Management

Built for multi-site food safety organizations where different teams need different levels of access and visibility.

Team Management

Organize users by site, department, or function. Group team members logically so permissions, notifications, and dashboards align with how your org actually works.

Role-Based Permissions

Control what each role can see and do — from read-only auditors to full-access administrators. Permissions apply across agents, dashboards, and data.

Multi-Site Access

Corporate sees everything — trending, benchmarking, and analytics across the fleet. Individual sites see their own data, their own dashboards, their own agents.

Five Roles, One Clear Model

Every team member has one of five roles. Roles are assigned per-team, so a user can have different roles on different teams within the same organization.

Owner

Full control. Manages billing, creates teams, and has superuser access to all team resources.

Admin

Manages team settings, members, integrations, ontology, and automated processes.

Editor

Creates and edits records, uses AI features (Assist, Skills, Delegate), and views own history.

Viewer

Read-only access to data and public dashboards. Cannot use AI features or modify records.

Guest

No base permissions. Only sees records explicitly shared via entity-level access grants.

Granular Control

Per-Record Access Overrides

Beyond roles, Trailhead supports entity-level access control. Grant or restrict access to individual records regardless of a user's team role — perfect for sensitive data, external collaborators, or cross-team projects.

A Guest with Viewer access on a specific product can see that product and nothing else. A "No Access" override blocks even Editors from viewing a record. Team Owners always have full access and cannot be restricted.

Admin

View, edit, delete, and manage access for the record.

Editor

View, edit, and delete the record.

Viewer

View the record only. No modifications allowed.

No Access

Record is completely hidden from this user.

Organization-Wide

One Organization, Many Teams

The organization owner has superuser access across all teams — view, edit, and manage entities in any team, access billing and subscription management, and configure organization-wide settings.

Cross-team access is automatic and cannot be restricted by team-level settings. Leadership always has full visibility into operations, while individual teams maintain their own scope and boundaries.

Per-Team Roles

Same user, different roles on different teams

Scoped Visibility

Each team sees only their own data and agents

Cross-Team Analytics

Corporate rolls up trending and benchmarks across the fleet

Audit Trail

Every permission change logged and immutable

AI Access is Role-Gated

AI features are not available to every role. Assist, Skills, and Delegate require Editor access or above. Automate requires Admin. This ensures AI actions are controlled by the people responsible for your data.

Assist

Requires Editor+

Conversational AI with full context about your organization, SOPs, and data.

Skills

Requires Editor+

Pre-built capabilities agents can run across workflows and data.

Delegate

Requires Editor+

Assign tasks to agents. Review their work or let them operate autonomously.

Automate

Requires Admin+

No-code process designer for workflows that need to run the same way every time.

Built for Multi-Site Organizations

See how Trailhead handles teams, roles, and permissions across your entire organization. We will configure it to match your structure.

Book a Demo