Roles and Permissions
Antidote uses role-based access control to determine what users can see and do within the platform. Each user can be assigned one or more roles.
Role types
Admin
Administrators have access to system configuration and user management. Admins can:
- Manage users (invite, edit, suspend, reactivate, delete).
- Configure and manage global rulesets.
- Access SSO configuration settings.
Admins do not have access to client billing data, dashboards, or pre-bills by default.
Partner
Partners typically include attorneys or client relationship managers who need visibility into client data. Partners can:
- View the Dashboard with analytics and insights.
- Access Pre-bills and Invoices for their assigned clients.
- View Matters and Clients data.
- Access My Time to view their own time entries.
- View OCG (Outside Counsel Guidelines) documents.
Partners only see data for clients they have been granted access to.
Billing Team
Billing Team members handle billing operations across the organization. They can:
- View the Dashboard with analytics and insights.
- Access Pre-bills and Invoices.
- View Matters and Clients data.
- View OCG documents.
Billing Team members see data for clients they have been granted access to, or all clients if given full access.
Timekeeper
Timekeepers are users who primarily need to track and manage their own time entries. They can:
- Access My Time to view and correct their own time entries.
Timekeepers only see their own data and do not have access to broader client or billing information.
Permission matrix
| Feature | Admin | Partner | Billing Team | Timekeeper |
|---|---|---|---|---|
| User Management | ✅ | ❌ | ❌ | ❌ |
| Rulesets | ✅ | ❌ | ❌ | ❌ |
| Entry Audit | ✅ | ❌ | ❌ | ❌ |
| Dashboard | ❌ | ✅ | ✅ | ❌ |
| Pre-bills | ❌ | ✅ | ✅ | ❌ |
| Matters | ❌ | ✅ | ✅ | ❌ |
| Clients | ❌ | ✅ | ✅ | ❌ |
| My Time | ❌ | ✅ | ❌ | ✅ |
| OCG | ✅ | ✅ | ✅ | ❌ |
Assigning multiple roles
Users can be assigned multiple roles to combine permissions. For example, Partner + Admin can manage users while also having access to client data.
When assigning roles, consider the minimum access needed for each user to perform their job effectively.
See User Management to learn how to assign roles when inviting or editing a user.
Client and payor access
In addition to roles, you can control which clients and payors each user can access:
- All clients and payors – User can see data for every client and payor in the system.
- Specific clients and payors – User can only see data for the clients and payors you select.
This allows you to give users the right role permissions while limiting their visibility to only relevant client data.
See User Management to learn how to configure client/payor access when inviting or editing a user.