Organizations & Teams
Collaborate on your trading operation with role-based access control, member invitations, and audit logging.
Overview
Organizations let you collaborate on plutarc as a team. Create an organization, invite members, assign roles with granular permissions, and share bots, API keys, strategies, and analytics across your team.
Each member operates within the bounds of their assigned role — Viewers can only observe, Quants can configure and trade, Risk Managers can intervene, Admins manage the team, and Owners control everything. Permissions are enforced on both the UI and backend, so no action can be performed outside a member's role.
Personal Workspace vs. Organizations
Every plutarc account starts with a personal workspace — your bots, API keys, templates, and data are visible only to you. When you create or join an organization, the OrgSwitcher in the sidebar lets you switch between your personal workspace and any organizations you belong to.
Switching context is instant — all pages (dashboard, bots, API keys, analytics, trades, settings) immediately reflect the active workspace's data. Your personal workspace and each organization maintain completely separate data, billing, and member lists.
Creating an Organization
Navigate to Settings → Organization and click Create Organization. Provide:
- Name — a display name for your organization (e.g. "Acme Trading")
- Slug — a URL-friendly identifier used in invitation links (lowercase letters, numbers, and hyphens only)
You are automatically assigned the Owner role with full control over the organization. The organization starts with its own empty workspace — no bots, API keys, or data carry over from your personal account.
Roles & Permissions
plutarc defines five roles designed for trading team operations. Each role has a fixed set of permissions that cannot be customised — the role determines exactly what a member can and cannot do.
Owner
Full control over the organization. Can delete the org, transfer ownership, manage billing, invite members, and perform all platform actions.
Admin
Full operational control. Can manage members, billing, deploy and stop bots, manage API keys, configure risk parameters, and view the audit log.
Quant
Can configure bots, create and edit strategy templates, run backtests, and manage their own trading workflow. Deploys bots autonomously up to a per-member quota set by Owner/Admin; when at the cap, submits a deploy request for approval. Cannot stop or delete bots, manage members, or manage billing.
Risk Manager
Read-only access plus emergency close-all authority. Can edit risk parameters and view the audit log. Cannot deploy bots, manage API keys, or create strategies.
Viewer
Read-only access across bots, API keys, risk parameters, strategies, backtests, and trades. Cannot modify any resources.
Permission Matrix
The table below shows the 34 permissions and which roles have access.
| Permission | Owner | Admin | Quant | Risk Manager | Viewer |
|---|---|---|---|---|---|
| Manage members | |||||
| Billing | |||||
| Invite members | |||||
| Delete organization | |||||
| Deploy bots (quants gated by per-member quota) | |||||
| Submit a deploy request when at quota | |||||
| Approve or reject deploy requests | |||||
| Stop bots | |||||
| Rename bots | |||||
| Assign API keys and strategy templates | |||||
| Delete bots | |||||
| Pause / resume bots | |||||
| Close all positions | |||||
| Close a single position | |||||
| Update bot version | |||||
| Restart bots | |||||
| View bots | |||||
| Create API keys | |||||
| Delete API keys | |||||
| Configure API keys | |||||
| View API keys | |||||
| Manage API key user access | |||||
| Edit risk parameters | |||||
| View risk parameters | |||||
| Create strategies | |||||
| Update strategies | |||||
| Delete strategies | |||||
| View strategies | |||||
| Run backtests | |||||
| Delete backtests | |||||
| View backtests | |||||
| View trades | |||||
| Purge data | |||||
| View audit log |
Inviting Members
Only members with the Owner or Admin role can invite new members (requires the org.invite permission).
- Navigate to Settings → Organization → Members tab
- Click Invite Member
- Enter the invitee's email address and select a role
- For quant invites, set an initial bot quota — how many bots they can deploy autonomously before needing approval (see below)
- The system generates a unique invite link — share it with the invitee
Invite links are valid for 7 days. The invitee visits the link to accept or decline the invitation. If they don't have a plutarc account, they must sign up first.
Pending invitations are listed in the Members tab with their expiry date and can be revoked at any time before acceptance.
Managing Members
Owners and Admins can manage the organization's member list from the Settings → Organization → Members tab.
- Change role — select a new role from the member's action menu. The Owner role cannot be assigned directly — use Transfer Ownership instead.
- Remove member — removes the member from the organization. They lose access to all organization resources immediately.
- Leave organization — any non-Owner member can leave an organization voluntarily. You will need a new invitation to rejoin.
The member list shows each member's name, email, role badge, and join date. All member management actions are recorded in the audit log.
Bot Quotas & Deploy Requests
Quants deploy bots within a per-member quota set by Owners and Admins. Owner and Admin deploys are unlimited; Risk Managers and Viewers cannot deploy.
Setting a quant's quota
Assign an initial quota when sending an invitation. You can change it at any time from Settings → Organization → Members. A quota of 0 means the quant cannot deploy directly — every deploy goes through the request workflow below.
Deploy requests
When a quant is at their cap and opens the deploy dialog, they submit a request with a label, location, and a reason. Owners and Admins see pending requests on the Bots → Requests page and receive an in-app notification. Approving a request provisions the bot under the requester's ownership. Rejection requires a reason that the requester sees on their request list.
How approvals interact with quota
Approval is a per-deploy override — it does not permanently bump the quant's quota. Approved bots do still count against the quant's active-bot total, so a post-approval quant may sit above their cap until a bot is deleted. To grant persistent capacity instead, raise their quota directly from the Members tab.
Billing in an Organization
Organization billing is managed by members with the Owner or Admin role (org.billing permission). Members with Quant, Risk Manager, or Viewer roles see a "Billing Managed by Admin" message on the billing page — they cannot top up, configure auto top-up, or view payment history.
Each organization maintains its own separate prepaid balance from your personal account. Bot compute is charged against the active organization's balance. For billing details, see the Account & Billing guide.
Audit Log
The audit log automatically records organization activity, providing a chronological record of who did what and when. Access it from Settings → Organization → Audit Log tab.
Visible to members with the audit_log.view permission (Owner, Admin, and Risk Manager).
| Event | Description |
|---|---|
org.created | Organization created |
org.updated | Organization updated |
org.ownership_transferred | Ownership transferred |
org.member_invited | Member invited |
org.member_joined | Member joined |
org.member_role_updated | Member role changed |
org.member_removed | Member removed |
org.invitation_revoked | Invitation revoked |
Each entry includes a timestamp, the action performed, and contextual details (e.g. which member was affected, what role was assigned).
Transfer Ownership
Only the Owner can transfer ownership. Navigate to Settings → Organization → General tab and find the Transfer Ownership section.
- Select the target member from the dropdown (must be an existing member)
- Confirm the transfer in the confirmation dialog
After transfer, the new member becomes Owner and you are demoted to Admin. This action cannot be undone without the new Owner's consent.
Danger Zone
Only the Owner can delete an organization (org.delete permission). Navigate to Settings → Organization → General tab → Danger Zone.
Deletion is permanent and removes all organization data including bots, API keys, trades, and member records. You must type the organization name to confirm. This action cannot be undone.