Skip to content

Owner and Administrator in IZI: Permission Differences

Published: · Updated: (12 days ago)· IZI Team

Owner and Administrator in IZI: Permission Differences

Section titled “Owner and Administrator in IZI: Permission Differences”

IZI has one built-in staff role — Administrator — plus your own custom roles. The owner manages the organization and club network: creates locations, configures roles, sees consolidated analytics. The administrator works the front desk: opens the cash shift, takes payments, seats players. This is not a question of trust — it’s a question of responsibility scope and data security.

Understanding the difference matters before initial setup, because incorrectly granted permissions are harder to remove than to grant correctly from the start.

Owner — manages the organization and network

Section titled “Owner — manages the organization and network”

Owner is the root of the organization in IZI. It is automatically tied to whoever completed registration and created the organization. This is not an assignable role — it is org ownership. Organization settings (org.settings) are accessible only to the owner’s account.

What the owner can do:

ActionAvailable
Create a new club in the organization
Delete a club or organization
Change billing and legal details
Create and edit roles✓ (with “Full access” flag)
Invite employees by email✓ (with “Full access” flag)
View consolidated network analytics
Export reports across all clubs
Open and close a cash shift
Sell tariffs and work the bar

More on network analytics — How to read club analytics.

Administrator is the only built-in staff role in IZI. One or more per club, working in rotation.

What the administrator can do:

ActionAvailable
Open and close a cash shift
Start, pause, end sessions
Accept payment (cash, cards, IZI mobile app)
Top up a player’s balance
Work the bar (ring up orders, apply discounts)
Add clients, attach phone numbers
Change tariffs and prices
View club revenue for past shifts
Invite new employees
View other clubs’ data

First shift walkthrough — How to open and close a shift.

Custom roles — building a Club Manager, Barista, or any other profile

Section titled “Custom roles — building a Club Manager, Barista, or any other profile”

IZI does not ship a built-in “Manager” or “Cashier” role. Instead, the owner creates custom roles in Organization → Roles: give the role any name, then pick exactly the permissions it needs from the full permission set (clubPermissions / orgPermissions), and optionally enable the Full access flag.

This means a “Club Manager” in your organization is a custom role you define. A typical setup:

Example: Club Manager custom role

A person responsible for one club or several — configures the hall, manages tariffs, reviews revenue — but does not make network-level decisions.

Permissions that stay with the owner only (not included in this custom role):

  • Create a new club in the organization
  • Delete a club or organization
  • View other clubs’ data (unless explicitly granted)

One login can cover multiple clubs: when adding a user, specify the list of clubs they have access to. The user selects the needed club via the sidebar on login.

ActionOwnerAdministratorCustom role (example)
Create a club
Organization settings
Billing
Network analyticsIf granted
Create roles and accessIf granted (fullAccess)
Configure tariffsIf granted
Club analyticsIf granted
Shift historyOwn shift onlyIf granted
Open/close shiftIf granted
Sell tariffs, barIf granted
Work with clientsIf granted

When the club structure is more complex than “owner + administrators,” custom roles let you build any combination from the full permission set.

Common profiles:

PositionPermission set
Club Managerclub.analytics.* + club.catalog + club.equipment, optionally org.users for a single club
Baristaclub.base without analytics and tariffs
Accountantclub.analytics.* + financial operations, no hall access
Technical specialistclub.equipment + club.screensavers without register
Investor / observerclub.analytics.kpi + club.analytics.daily, nothing else
Content managerclub.catalog — tariffs and catalog only

Permissions fall into four groups: Club administration (hall, register), Analytics (dashboards, exports), Financial operations (refunds, cash-in), and Club settings (tariffs, zones, devices).

Custom roles are created at the organization level in Organization → Roles and then assigned to employees via Organization → Users. Step-by-step guide — How to configure a custom role.

Delegation is driven not by the number of clubs or machines, but by how overloaded the owner is with operations.

One club, one shift — owner combines strategy and operations, one or two administrators. No additional roles needed.

One club, two shifts or a growing hall — create a custom “Club Manager” role. The owner’s responsibility narrows to strategy and finances.

Several clubs in the network — each club gets a person with a manager-profile custom role. The owner consolidates analytics and makes growth decisions. The right to invite employees is delegated via the org.users permission in that custom role.

Large network or multiple regions — an operations manager covering a cluster of clubs, a custom “investor” role with analytics only, a separate finance role.

Important: the “Full access” flag in a custom role is effectively System Administrator rights. Enable only for co-founders you fully trust. See: Staff, roles, and access in IZI.

Every action in the CRM — top-up, discount, refund, tariff change — is recorded in a log with the user and timestamp. The log is accessible via Organization → Log only to users with the org.audit permission.

History is not deleted when an employee is removed. If an administrator is dismissed — all their operations remain in the log with full attribution.

Checklist when dismissing an employee:

  • Ensure their cash shift is closed
  • Remove the user in Organization → Users
  • Verify they are not the only person with “Full access”

Frequently asked questions

What is the difference between the owner and administrator in IZI?

The owner manages the entire organization: creates clubs, configures roles, sees network analytics, changes billing. The administrator works inside one club during a shift: opens the register, sells tariffs, serves players, closes the shift. Key restriction: the administrator cannot see other clubs' data or change tariffs or roles.

Can the owner work as a shift administrator?

Yes. The owner has full access and can open a shift, sell a tariff, and close the register. This is typical at launch while the team is being hired. As the hall grows, this role is handed off to an administrator.

How many owners can an organization have?

Technically, organization settings are accessible only to one account — the one that registered and created the organization. For a co-director, it's better to create a custom role with full access but without the ability to change organization settings.

Can I give someone access to only certain clubs in a network?

Yes. When adding a user, you specify the list of clubs they have access to. One login — multiple clubs; the user selects the needed one via the sidebar on login.

How do I create a role just for a barista or accountant?

In Organization → Roles, create a new role and enable only the needed permissions. For a barista: club.base without analytics and tariffs. For an accountant: club.analytics.* + financial operations without hall access.

What does a shift administrator see that they don't see?

Administrator sees: hall, sessions, bar, clients, their current shift. Does not see: network analytics, organization settings, tariffs and prices (unless a separate permission is granted), other clubs' data.

What happens to shifts and sales if an administrator is removed?

History is preserved. The Shift History section shows who opened each shift and when; sales remain tied to the shift. Removing an employee revokes their CRM login; data is not deleted.

How do I delegate the right to grant access to employees?

User and role management rights (org.users, org.roles) are available only to roles with the 'Full access' flag. You can create a custom role (e.g. 'Club Manager') with this flag so that person can invite employees independently.

Can I give an investor access only to view analytics?

Yes. Create a custom role with club.analytics.* permissions (all needed metrics) without club.base — such a user sees reports but cannot work the register or change settings.