Understand roles and permissions
Exclusive Roles
There are two special roles, each of which can only be assigned to a single person:
- Organisation Owner - has the unique permission allowing them to open new Spendesk entities
- Account Owner - the super user for the entity, can effectively perform any action within Spendesk that Administrators or Controllers can do, along with some additional permissions:
- Set up a secured phone number to approve wire transfers
- Set up which users have the Administrator role
- Edit the assignee for a subscription card
Modifying these roles needs to be done by following this guide.
Assignable Roles
There are three assignable roles that can be managed for users (see this page):
- Requester - any employee using Spendesk to make requests / payments
- Controller - required by the finance team to perform bookkeeping/accounting tasks
- Administrator - required to configure the system and manage users
The full list of permissions for these roles is as follows:
Requester
- Create and view their requests
- View their own payments
- View their own subscriptions
- Pause/report as lost their own cards
Controller
- Download account statements and balance confirmations
- View and manage wallet funding
- Prepare and export payments/payables
- View billing plan
- Manage the invoice inbox
- View subscriptions
- Send receipt reminders
- Manage suppliers:
- View and edit supplier details
- Download proof of payment for supplier invoices
- Review and pay invoices (including via XML/CSV)
- View all payments
- View and manage budgets
- Create and edit a custom analytical field
- Manage accounting settings:
- Accounting setup tab
- Create custom export templates (if file-based)
- Create a custom 'receipt file name'
- Set up and manage native accounting integrations
Administrator
- Edit company information & billing
- Enable/disable payment methods
- Manage notifications & reminders
- Invite new users
- Update user roles and user information
- Manage organisation settings:
- Members (invite users, update roles and information)
- Cost centres
- Analytical fields
- Set up HR integration
- Manage spend control settings:
- Approval policies
- Approval workflows
- Spend limits
- Play by the rules
- Manage physical cards:
- View all
- Order new cards
- Update card budget
- Pause/report a card
- Activate cash withdrawal (if it is available)
All Roles
- View and set up their own notifications
- View and set up their own profile information
Virtual Roles
We also have a number of 'virtual' roles that are a result of other configurations and come with their own permissions. These are:
- Approver - assigned as an approver via the approval workflows:
- View the 'To approve' tab and approve/deny requests assigned to them
- Cost Centre Owner - someone managing an area such as a department:
- View payments in their cost centre
- View budgets in the cost centre
- View invoice inbox
- View the 'To approve' tab and approve/deny requests assigned to them
- Reporting Manager - a user marked as another user's manager:
- View the 'To approve' tab and approve/deny requests assigned to them
Aktualisiert am: 30/04/2026
Danke!