Give your team access to exactly what they need
Four purpose-built roles — OWNER, ADMIN, STAFF, and VIEWER — with scoped permissions that actually match how tour and experience teams work. No more sharing the owner login, no more guides seeing revenue.
14-day free trial. No credit card required.
Why operators trust Triviyo's role model
Designed for the realities of experience operators — not copy-pasted from a retail SaaS.
Four roles, zero guesswork
OWNER runs the business, ADMIN manages day-to-day, STAFF runs tours and checks guests in, VIEWER sees read-only KPIs. Each role maps to a real job — so you never need to explain who can see what.
Revenue stays revenue-gated
STAFF see their schedule, their guests, and their check-ins — never gross margin, partner payouts, or financial reports. ADMIN and above unlock revenue dashboards. No accidental over-sharing.
Per-member configuration
Layer custom permissions on top of each role — give a senior guide access to the schedule editor, let a viewer export a specific report. Role provides the baseline, per-member rules handle the edge cases.
Viewer role for accountants & investors
Hand your accountant or board a VIEWER login — they see the dashboards they need, nothing they shouldn't touch. No shared credentials, no CSV workarounds.
Two-factor on privileged roles
OWNER and ADMIN roles can require 2FA before touching settings, payouts, or team access. Enforced at login and on sensitive actions — no separate security plugin needed.
Full audit log, always on
Every permission change, every login, every settings edit is logged with who, what, and when. Available on Professional and up — essential for SOC 2 prep and investor diligence.
Triviyo roles vs. generic user access
What purpose-built roles look like compared to a flat user list.
| What the role system ships with | Triviyo | Without Triviyo |
|---|---|---|
| Built-in roles | OWNER / ADMIN / STAFF / VIEWER | Flat user list |
| Setup time | Under 5 minutes per member | Hours of manual permission toggles |
| OWNER full access | Requires manual config | |
| Revenue gated above STAFF | ||
| Scoped STAFF schedule view | All-or-nothing | |
| Read-only VIEWER role | ||
| Per-member custom permissions | Role-only | |
| Audit log | Professional and up | Enterprise add-on |
| Two-factor for privileged roles | Manual setup | |
| Support | One team | Separate IAM vendor |
Clear, predictable, and built for operators.
Teams that run smoother with Triviyo roles
"Our guides used to share one login — which meant anyone could see revenue, refund bookings, or change pricing. With Triviyo roles each guide has STAFF access, and I sleep better at night."
Ingrid Dahl
Owner, Fjord Adventure Co.
"Giving our accountant a VIEWER login was a revelation — she pulls whatever she needs, doesn't touch anything she shouldn't, and I don't have to export reports for her at month-end anymore."
Noah Petersen
Founder, Alpine Ski Guides
Frequently asked questions
What are the four roles and what can each do?
OWNER has full access to everything including billing, team, and settings. ADMIN manages day-to-day operations, bookings, pricing, and reports. STAFF runs scheduled tours, checks guests in, and sees their own bookings. VIEWER has read-only access to dashboards and reports — perfect for accountants, investors, and board members.
Can I customize what each role sees?
Yes. Roles provide the baseline permissions, and you can layer per-member overrides — give a senior guide access to the schedule editor, or unlock a specific report for a VIEWER. The role handles the common case; overrides handle the edge cases.
How many team members can I invite?
Unlimited on every plan. We don't charge per seat — bring your full team, including seasonal staff, and pay the same flat monthly price.
Can STAFF see revenue or financial data?
No. Revenue dashboards, gross margin, partner payouts, and financial reports are gated to ADMIN and OWNER by default. STAFF see their own schedule, their assigned guests, and their check-ins — nothing else.
Is there an audit log?
Yes. Every permission change, login, and settings edit is logged with full actor and timestamp data. Audit log is available on Professional and up — essential for SOC 2, GDPR, and investor diligence.
Can I require two-factor for privileged roles?
Yes. OWNER and ADMIN roles can be configured to require 2FA at login and on sensitive actions like payout changes or team edits. Enforced automatically — no separate security plugin needed.