Roles and Responsibilities


What are roles in Vendorapp

Vendorapp uses role-based access control to ensure that users only see and manage what they're meant to. Every user is assigned one of three main roles:

  • Agent Owner
  • Agent
  • Viewer

In addition, any user who uploads or owns a contract becomes a Contract Owner, gaining additional rights for that specific vendor relationship.

Roles define what a user can see, edit, manage, or approve across the platform. Assigning roles correctly is essential for maintaining security, compliance, and process accountability.


Role descriptions and permissions

Below is a summary of each role, their responsibilities, and what they can access within Vendorapp:

Agent Owner

The primary administrator for your company's Vendorapp account.

  • Full access to all vendors, contracts, settings, and users
  • Can assign or revoke roles
  • Manages billing, subscription plans, and account deletion
  • Receives critical system and security alerts

Each company can only have one Agent Owner.

Agent

Power users with wide access across Vendorapp.

  • Can manage vendors, contracts, breaches, contacts, assessments, and notes
  • Can review and complete system tasks (e.g., sanctioned vendor reviews, contract closures)
  • Can invite, promote, or remove users (except the Agent Owner)
  • Cannot change the subscription plan or delete the account
  • May be assigned billing permissions if required

The number of agents available depends on your Vendorapp plan.

Viewer

Users who need access to vendors and contracts but don't require admin permissions.

  • Can add vendors and become contract owners
  • Can view breaches, contracts, notes, and assessments (based on stakeholder access)
  • Cannot manage settings, users, tasks, or billing
  • May be promoted to Agent if more involvement is needed

Contract Owner (Status Overlay)

Any user — Agent, Viewer, or Agent Owner — becomes a Contract Owner when they upload a contract.

  • Gains full control over that contract
  • Can cancel, rename, transfer ownership, and add stakeholders
  • Can raise breaches and manage notes related to the contract
  • Reverts to their base role when all their contracts expire or are archived

How roles affect access and functionality

Feature/Action | Agent Owner | Agent | Viewer | Contract Owner (Overlay)
Add vendors
Add/manage contracts
View/manage all vendors: ❌ (limited), ✅ (if active contract)
Cancel or transfer contracts: ⚠️ (if owner)
Add/manage stakeholders: ⚠️ (if owner)
Raise breaches: ⚠️ (if stakeholder)
Complete system tasks
Manage users and roles
Access billing and plan settings: ⚠️ (if billing contact)

⚠️ = Only with conditions met (e.g., billing contact status or ownership)


Managing roles and responsibilities

To manage user roles:

  1. Go to Settings from the profile dropdown (top-right corner).
  2. Select the Users tab.
  3. The user list displays:
    • Name, Email, Role, Billing status, and Last accessed
  4. Click the ... menu beside a user to:
    • Promote or demote between Viewer and Agent
    • Add or remove billing access
    • Transfer ownership (for Agent Owner only)
    • Delete the user

When inviting a new user, you'll be prompted to select their role before sending the invite. The user must accept the invitation to activate their account.

You can filter the user list by role using the dropdown at the top of the screen.


Best practices for assigning roles

  • Assign Agent roles only to those managing vendors, contracts, or compliance
  • Use Viewers for department users who need visibility but don't require control
  • Keep the Agent Owner role limited to a senior administrator or system owner
  • Monitor user access regularly and downgrade inactive users when appropriate
  • Use Contract Ownership to delegate accountability without granting full system access

Correct role assignment helps ensure operational efficiency and minimizes risk across your vendor lifecycle.
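
The periodic access review recommended above can be scripted. The following is an added example, not Vendorapp code: it assumes the user list has been copied into a CSV with the columns the Users tab displays, and the Yes/No billing values, ISO dates, 90-day threshold and function name are all assumptions.

```python
import csv
import io
from datetime import date, timedelta

# Constructed sample data. Column names follow the user list fields on this page;
# the "Yes"/"No" billing values and ISO dates are assumed formats.
SAMPLE_CSV = """Name,Email,Role,Billing status,Last accessed
Ana Ruiz,ana@example.com,Agent Owner,Yes,2024-05-28
Ben Cole,ben@example.com,Agent,Yes,2024-01-10
Cy Dunn,cy@example.com,Agent,No,2024-05-30
Di Evans,di@example.com,Viewer,No,
Ed Fox,ed@example.com,Viewer,No,2024-05-01
"""

ROLES = ("Agent Owner", "Agent", "Viewer")

def review_users(csv_text, today, max_idle_days=90):
    """Return sorted (email, finding) tuples for a role and activity review."""
    findings, owners = [], []
    cutoff = today - timedelta(days=max_idle_days)
    for row in csv.DictReader(io.StringIO(csv_text)):
        email = row["Email"].strip().lower()
        role = row["Role"].strip()
        billing = row["Billing status"].strip().lower() == "yes"
        raw = row["Last accessed"].strip()
        last = date.fromisoformat(raw) if raw else None  # empty = never accessed
        idle = last is None or last < cutoff
        if role not in ROLES:
            findings.append((email, f"unknown role {role!r}"))
        if role == "Agent Owner":
            owners.append(email)
        if idle and role == "Agent":
            findings.append((email, "inactive Agent: consider demoting to Viewer"))
        elif idle and role == "Viewer":
            findings.append((email, "inactive Viewer: check the account is still needed"))
        if billing and idle:
            findings.append((email, "billing access on an inactive account"))
    if len(owners) != 1:
        findings.append(("*", f"expected exactly one Agent Owner, found {len(owners)}"))
    return sorted(findings)

if __name__ == "__main__":
    for email, finding in review_users(SAMPLE_CSV, date(2024, 6, 1)):
        print(f"{email}: {finding}")
```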