Raken gives you full control over what your team can see and do. Assign roles to define each person's level of access, then fine-tune individual permissions to match how your company actually operates.
Quick Answer
To change a user's role in Raken:
Log in to the Raken web app and click Directory in the left navigation menu.
Select Employees and click the employee's name.
Click the Role dropdown and select the new role.
Click the orange Save button.
To adjust permissions for a role, go to Company > Roles & permissions and toggle individual actions on or off for Project Member, Project Admin, or Account Admin.
How Roles & Permissions Work in Raken
Raken uses a two-layer permissions model:
Hard-coded role behaviors — These are permanently built into each role and cannot be changed by toggling permissions. They define the baseline of what each role can and cannot do.
Configurable permissions — These are optional add-ons that can be toggled on or off in Company > Roles & permissions to extend or restrict what each role can do beyond its baseline.
Understanding the difference between these two layers is important — some behaviors will not change no matter how permissions are configured, because they are tied to the role itself.
Understanding Roles in Raken
Raken has six roles. Each role defines a baseline level of access across your account and projects.
Role | Access Level |
Account Admin | Full access to the entire account, all projects, and billing |
Project Admin | Full access to assigned projects; no access to billing or company settings |
Project Member | Read/write access to assigned projects; no admin functions |
View Only | Read-only access to assigned projects |
Project Worker | Limited access to My Time and Schedule only; no project admin access |
Worker | No login access; time and activity tracked by a supervisor |
Hard-Coded Role Behaviors (Cannot Be Changed)
These behaviors are permanently tied to each role regardless of how permissions are configured.
Account Admin
Full access to all projects — even ones they are not assigned to
Can manage all employees in the Company Directory
Can approve and unapprove time cards — only Account Admins can unapprove
Can add and remove projects from the company-level directory
Cannot be deactivated by another Account Admin — must be demoted to Project Admin first
Project Admin
Can only manage the Project Directory — they can add or remove employees from their assigned projects, but cannot manage the company-level directory
Can approve time cards on assigned projects — this is always on for Project Admins
Cannot unapprove time cards — even ones they approved themselves. An Account Admin must unapprove before the time card can be edited
Cannot access Company settings (billing, integrations, company-level time policies)
Cannot edit the role of another Project Admin or Account Admin
Project Member
No employee management capabilities by default
Can create time cards on behalf of other employees on their project — this is by design and is not currently configurable
Cannot approve or unapprove time cards unless the permission is explicitly enabled
View Only
Cannot create, edit, or delete any content — read-only access across assigned projects
Project Worker
Access is always limited to My Time and Schedule — this cannot be expanded without changing their role
No access to project data, daily logs, or the directory
Worker
No Raken login — time and activity tracked entirely by a supervisor
Can approve their own time card via a text or email link — no app required. Must have a phone number or email address on file. Time Clock add-on is not required for this.
How to Change a User's Role
Step 1: Open Directory
Log in to the Raken web app. Click Directory in the left navigation menu.
Step 2: Select the Employee
Click Employees to view your full employee list. Find the employee and click their name.
Step 3: Update the Role
On the employee profile, click the Role dropdown and select the new role.
Note: You can only assign roles equal to or lower than your own. Account Admins can assign any role.
Step 4: Save
Click the orange Save button. The employee's access updates immediately.
How to Adjust Configurable Permissions
Beyond hard-coded role behaviors, Raken lets you customize what each role can do across several areas of the platform. These are toggled on or off per role in Company > Roles & permissions and apply to all users with that role.
Step 1: Go to Company Settings
Click Company in the left navigation menu.
Step 2: Open Roles & Permissions
Select Roles & permissions from the menu. You'll see a table with toggles for Project Member, Project Admin, and Account Admin.
Note: Some Account Admin toggles cannot be turned off — those actions are hard-coded to the role.
Step 3: Review and Adjust Permissions
Permissions are organized by category. Toggle individual actions on or off for each role based on your company's needs.
Directory permissions:
Can create new employees — allows creating new employee profiles. If this is on but Can manage user roles and access is off, the user can only create Workers.
Can manage employees — allows editing employee profiles (name, phone, classification, etc.) for employees at a lower role level.
Can manage user roles and access — allows changing employee roles, activating/deactivating accounts, and managing invites. This affects billing and seat count — enable carefully.
Can create/edit/delete contact companies — manage company contacts
Can create/edit/delete contacts — manage individual contacts
Can create/edit/delete groups — manage employee and project groups
Can create/edit/delete certifications — manage employee certifications
Can create/edit/delete classifications — manage employee classifications
Projects permissions:
Can create projects — allows creating new projects
Can manage project settings — allows editing project settings, including inactivating and deleting projects
Can modify survey question settings — allows editing daily report survey questions
Can use the automatic email feature — allows setting up automatic email reports
Time:
Can review time for employees on their projects — allows reviewing and editing time for employees on assigned projects
Can approve time for employees on their projects — allows approving time cards for employees on assigned projects
Can sync time to integrations — allows performing time syncs to connected integrations
Can create/edit/delete schedules — allows managing schedules
Can open a kiosk session — allows opening a Kiosk session for crew clock-in
Production:
Can create/edit/delete cost codes
Can create/edit/delete materials
Can create/edit/delete company-owned equipment
Can create/edit/delete budgets
Can access production insights
Project Management:
Can create/edit/delete documents
Can create/edit/delete forms
Can create/edit/delete RFIs
Can create/edit/delete tasks
Safety & QC:
Can submit incident data to OSHA ITA
Can create/edit/delete checklist schedules
Can create/edit/delete checklist types
Can create/edit/delete default safety notifications
Can create/edit/delete incidents
Can create/edit/delete observation types and subtypes
Can create/edit/delete safety checklist templates
Can create/edit/delete safety checklists
Can delete scheduled toolbox talks
Can schedule toolbox talks
Can upload toolbox talks
Can view Raken safety checklist templates
Step 4: Save
Click the orange Save button. To revert all permissions back to Raken's defaults, click Restore default permissions in the top right corner.
Frequently Asked Questions
What's the difference between Project Admin and Account Admin?
Account Admins have full access to everything — all projects, billing, and account settings. Project Admins have full access only to the projects they're assigned to and cannot access billing or company settings. If you want someone to manage a specific project without touching company settings, Project Admin is the right role.
Why can my Project Admin approve time cards but not unapprove them?
Approval is a built-in capability for Project Admins. Unapproval is restricted to Account Admins — this is a hard-coded behavior and cannot be changed with a permission toggle. If a Project Admin needs to edit an approved time card, an Account Admin must unapprove it first.
Why can a Project Member create time cards for other employees?
Project Members can create time cards for employees on their project by design. This is a hard-coded behavior and is not currently configurable. If you need to monitor who is creating time cards, the Created By column is visible in Time > Entries.
Can a Project Admin change another user's role?
Only if the Can manage user roles and access permission is enabled for the Project Admin role, and only for employees at Project Member level or below on their assigned projects. Project Admins can never edit the role of another Project Admin or Account Admin.
I turned off a permission but the behavior didn't change. Why?
Some behaviors are hard-coded to the role and are not controlled by the permission toggles. For example, Project Admins can always approve time cards regardless of permission settings. Review the Hard-Coded Role Behaviors section above to confirm whether the behavior you're trying to change is configurable.
What is a Project Worker?
A Project Worker is a field employee with a limited Raken login — they can only see their own time entries and schedule. This role is ideal for field crew members who need to clock in/out or review their own time using Raken Time Clock.
What is a Worker (no login)?
A Worker has no Raken login. Their time is tracked entirely by a supervisor. Workers can approve their own time card via a text or email link — no app or login required.
Technical Specifications
Platform | Web app only |
Offline capability | No — requires an active internet connection |
Role required | Account Admin to view and edit Roles & permissions |
Plan required | All plans |
Considerations
Only Account Admins can access Company > Roles & permissions.
Some role behaviors are hard-coded and cannot be changed with permission toggles — see the Hard-Coded Role Behaviors section above.
The Can manage user roles and access permission is off by default for Project Admins and Project Members. Enabling it allows those roles to activate, deactivate, and change employee roles — actions that can affect billing and seat counts. Enable this carefully.
Project Workers and Workers are not included in the Roles & permissions toggle table. Their access is defined entirely by their role.
Permissions apply account-wide by role — you cannot set different permissions for individual users within the same role.
Changes to permissions take effect immediately.
Related Articles
More Questions?
Feel free to email us or call us at +1 866-438-0646. We're always glad to answer your questions!