Access Control & Permissions

Configure granular user permissions across all Talos modules — ERP data, production, finance, chat, manufacturing, and more.

Overview

Talos provides a fine-grained, role-based permission system that controls access to every module and data type. Admins can configure each user's permissions individually, choosing exactly which data they can see and what actions they can perform.

Permissions are enforced at every layer — API routes, backend queries, web dashboard, mobile app, and CLI/MCP tools. There is no way to bypass permissions through any client.

Roles

Admin / Owner — Full access to all modules and data. Can manage users, set permissions, and access all settings. Admin permissions cannot be restricted.
Member — Access is determined entirely by the permissions assigned by an admin. By default, new members have no permissions until explicitly granted.

ERP Data Permissions

ERP data access is controlled by a two-level system: a general ERP Access toggle and individual module toggles.

ERP Access (general) — Master switch. When enabled, grants access to all ERP data modules (materials, orders, invoices, employees, recipes, production orders). Individual toggles below can further restrict access.
Materials — View raw materials, products, and their properties (codes, descriptions, units, stock levels).
Orders — View sales orders and purchase orders (customer orders, supplier orders, quantities, delivery dates).
Invoices — View invoice headers and line items. Note: monetary values are only visible with the Financial Data permission.
Employees — View employee list (names, codes, departments).
Recipes / BOM — View bills of materials (product recipes, component lists, quantities).
Production Orders — View manufacturing jobs (status, planned/started/completed dates, item codes). This is a standalone permission — users can have production order access without general ERP access.

Financial Data Permission

The Financial Data permission is a cross-cutting flag that controls visibility of all monetary values across the platform.

When enabled: prices, totals, unit costs, invoice amounts, order values, and financial dashboards are fully visible.
When disabled: all monetary fields (unitPrice, totalNet, totalGross, etc.) are returned as 0 from the backend. The user can still see order structures, material lists, and invoice metadata — just not the money. This applies to web, mobile, CLI, and AI chat responses.
Accounts and Payments tabs require Financial Data permission and are completely hidden without it.

Chat & AI Access

Chat access controls whether a user can interact with the AI assistant in both web and mobile.

When enabled: user sees the Chat tab (web sidebar) and Chat screen (mobile). AI responses respect all other permissions — if a user doesn't have financial data access, the AI won't reveal prices even if asked.
When disabled: Chat tab and screen are completely hidden. The default landing page becomes Shortcuts instead of Chat. API requests to chat endpoints return 403.

Module Permissions

Checklists Access — View and run quality checklists. A separate 'Edit Templates' permission controls who can create/modify checklist templates.
Non-Conformance — View and create non-conformance reports.
Calibration (Read / Write) — View calibration records, or also create/edit them.
Manufacturing (Read / Write) — View machines, competencies, test tools, tooling. Write permission allows creating/editing.
Documents — Access internal and supplier documents.
Wiki (Read / Write) — View knowledge base articles, or also create/edit them.
Surveys — View and respond to surveys.
Lead Finder — Access the sales lead generation module.
File Server — Browse and download files from the on-premise file server.
Mail Intelligence — Access email inbox and send emails through Talos.
User Management — Create users, set permissions, toggle admin status. This is separate from admin — a non-admin can manage users if this permission is granted.

How to Set Permissions

Web Dashboard: Go to Settings → Users. Click on a user to expand their permission panel. Toggle individual permissions and click Save.
Mobile App: Go to More → Users. Tap a user to see their permissions. Toggle and save.
CLI: Use talcli org users to list users and their current permissions.

Enforcement Architecture

Backend (Convex) — Every query and mutation validates permissions via assertSession(). Data is filtered or stripped at the query level, not the UI level. Monetary values are zeroed out in the database response itself.
API Routes (Next.js) — All API routes check session permissions before forwarding to Convex. Returns 403 Forbidden if the user lacks the required permission.
Web Dashboard — Sidebar items, tabs, and data panels are conditionally rendered based on permissions. Even if a user manually navigates to a restricted tab URL, the API will reject the data request.
Mobile App — Navigation items and screens are gated by the UserPermissions context. The permission state is synced from the server on each app launch.
CLI & MCP — talcli and MCP tools call the same Convex backend, so all permission checks apply. A user with limited permissions will get filtered results through Claude Desktop as well.
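The two-level ERP rule, the cross-cutting Financial Data stripping and the query-level enforcement described above, modelled as an added example that is not Talos's own code. It assumes an explicit module toggle overrides the master switch (absent toggles fall back to it), and every name (UserPermissions fields, canViewModule, stripMonetary, queryInvoices, chatInvoiceSummary, the sample users and records) is an assumption constructed for the example.

```typescript
// Added example, not Talos's own code: the page's permission rules as pure
// functions so they can be checked offline. All names here are assumptions.
export type ErpModule = "materials" | "orders" | "invoices" | "employees" | "recipes" | "productionOrders";
export type UserPermissions = {
  isAdmin: boolean;
  erpAccess: boolean;                           // master switch ("ERP Access (general)")
  modules: Partial<Record<ErpModule, boolean>>; // individual module toggles
  financialData: boolean;
  chat: boolean;
};
export class PermissionDenied extends Error { readonly status = 403; }
// Two-level ERP rule (assumed reading of the page): an explicit module toggle wins,
// a module with no toggle falls back to the master switch. Production Orders is
// standalone, so only its own toggle grants it, never the master switch.
export function canViewModule(p: UserPermissions, m: ErpModule): boolean {
  if (p.isAdmin) return true;                   // admin permissions cannot be restricted
  if (m === "productionOrders") return p.modules.productionOrders === true;
  return p.modules[m] ?? p.erpAccess;
}
// Cross-cutting Financial Data flag: monetary fields are zeroed in the response
// itself, so web, mobile, CLI and chat all receive the same stripped row.
const MONETARY_FIELDS = ["unitPrice", "totalNet", "totalGross"] as const;
export function stripMonetary<T extends Record<string, unknown>>(p: UserPermissions, row: T): T {
  if (p.isAdmin || p.financialData) return row;
  const out: Record<string, unknown> = { ...row };  // copy; never mutate the stored record
  for (const f of MONETARY_FIELDS) if (f in out) out[f] = 0;
  return out as T;
}

export type InvoiceLine = { itemCode: string; quantity: number; unitPrice: number; totalNet: number; totalGross: number };
export type Invoice = { number: string; customer: string; totalNet: number; totalGross: number; lines: InvoiceLine[] };
// Stand-in for a backend invoice query: deny (403) before any data is read, then
// strip money from both headers and line items at the query level, not in the UI.
export function queryInvoices(p: UserPermissions, rows: Invoice[]): Invoice[] {
  if (!canViewModule(p, "invoices")) throw new PermissionDenied("invoices");
  return rows.map((inv) => ({ ...stripMonetary(p, inv), lines: inv.lines.map((l) => stripMonetary(p, l)) }));
}

// Chat endpoint stand-in: gated by the Chat flag, then reuses the same filtered query,
// which is why the assistant cannot reveal prices to a user without Financial Data.
export function chatInvoiceSummary(p: UserPermissions, rows: Invoice[]): string {
  if (!p.isAdmin && !p.chat) throw new PermissionDenied("chat");
  return queryInvoices(p, rows).map((i) => `${i.number}: ${i.lines.length} line(s), gross ${i.totalGross}`).join("; ");
}

// Constructed sample records and users (not real data).
export const SAMPLE_INVOICES: Invoice[] = [{ number: "INV-1001", customer: "Example AG", totalNet: 100, totalGross: 121,
  lines: [{ itemCode: "MAT-7", quantity: 2, unitPrice: 50, totalNet: 100, totalGross: 121 }] }];
export const CLERK: UserPermissions = { isAdmin: false, erpAccess: true, modules: {}, financialData: false, chat: true };
export const OPERATOR: UserPermissions = { isAdmin: false, erpAccess: false, modules: { productionOrders: true }, financialData: false, chat: true };
```

Because the stripping happens in the query result rather than the client, the same zeroed row is what a CLI, MCP tool or chat response would receive.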

Best Practices

Start with minimal permissions and add as needed. It's safer to grant access incrementally than to revoke it later.
Use ERP Access (general) for users who need broad ERP visibility. Use individual toggles (Materials, Orders, etc.) for users who need access to specific modules only.
Production Orders permission is standalone — perfect for shop floor operators who need to see manufacturing jobs but shouldn't access purchasing, invoicing, or financial data.
Financial Data is cross-cutting — disabling it hides monetary values everywhere, including in AI chat responses. Great for operational staff who need to see what's ordered but not how much it costs.
Chat access can be granted independently. A user with Chat + Materials + Production Orders can ask the AI about material properties and production status without seeing prices or invoices.