Build roles your way. 100+ permissions. Zero compromise.

A dispatcher should see dispatch, not salary slips. An accountant should see invoices, not driver locations. A franchise partner should see their branch, not your group. Travel Softdrive's RBAC is granular enough to enforce all of that — and auditable enough to prove it.

See it live in a demoStart free — 50 credits

No credit card required. Set up in 15 minutes.

Without it

  • ×Everyone either has admin or barely anything — no middle ground
  • ×Accidental rate-card edits by a sales rep with too much access cause billing chaos
  • ×Franchise partners can see each other's customers because multi-tenant logic is bolted on
  • ×Audit questions — 'who changed this rate?' — have no defensible answer
  • ×Onboarding a new team member means a long checklist and inevitable missing access

With Travel Softdrive

  • 100+ granular permission codes across every module
  • Custom roles built from any combination of permissions — no predefined straightjacket
  • Organization-scoped access — franchise partners see only their branch
  • Every permission change is audit-logged — who changed what, when, why
  • Permission dependencies auto-resolve — grant one permission, implied ones come along

What's inside

100+ granular permission codes

Every meaningful action — view booking, create booking, edit rate card, approve invoice, run payroll, export report — has its own permission. Build roles at the exact granularity your org needs.

Custom role creation

Don't settle for 'Admin', 'Manager', 'User'. Create a 'Corporate Billing Manager' role that can view all bookings but only edit invoices for specific customers.

Organization-scoped access

Franchise model? Multiple legal entities under one group? Users get access scoped to the organizations they work in — no accidental cross-entity leakage.

Permission dependencies

Grant 'approve invoice' and the implied 'view invoice' comes automatically. Revoke a parent permission and dependents are cleaned up. No more broken configurations.

Account security

Failed-login lockouts with exponential backoff. Rate-limited OTPs. Session isolation between guest and integrated drivers. Enterprise-grade security defaults.

Invitation-based onboarding

Invite a user via email. They verify OTP. They're in, with exactly the access you granted. No password sharing, no admin-handles-everything bottleneck.

Audit logging

Every permission change is logged. Every role creation, every grant, every revocation — timestamped, attributed, exportable for audit.

Instant, responsive access checks

Granular security without performance tax — the UI stays snappy even with complex role trees and hundreds of users.

In the real world

A rental group with 4 branches and a franchise partner

Before: everyone was either 'admin' (saw everything across every branch) or 'manager' (a vague mid-tier that got messily over- or under-permissioned). The franchise partner could technically see another branch's customer list — a compliance and commercial sore point. After: roles were rebuilt. 'Branch Manager' sees their own branch's bookings, fleet, and invoices — nothing else. 'Franchise Partner' sees their own entity exclusively; other branches are invisible. 'Group CFO' sees consolidated financials but not operational driver details. Rolling out to a new branch is now a 5-minute role assignment, not a week of audit-cleanup.

Illustrative scenario based on typical operator workflows.

Frequently asked questions

Can we create roles for external users — customer travel desks, franchise partners?+

Yes. Roles aren't limited to your internal team. Configure limited-scope roles for corporate customer travel desks, franchise partners, or supplier admins — each with narrowly scoped access.

What happens if someone's role is removed?+

Access is revoked immediately. Any active session is invalidated on the next request. Audit log captures the revocation with attribution and timestamp.

Can we approve rate changes via a two-person rule?+

Yes. Combined with the rate approval workflow, you can require that rate changes be proposed by one role and approved by another. Segregation of duties enforced through permissions.

How does access work across multiple legal entities?+

A user can belong to multiple organizations (legal entities) with different roles in each. Business groups let you unify entities under one view for group-level reporting, without breaking per-entity access control.

Is the permission model documented for auditors?+

Yes. The full list of permission codes, their scope, and the default roles are documented — auditors can verify that SOD (segregation of duties) controls are in place.

Works seamlessly with the rest of the platform

Rate Management

Rate approval workflows enforced via permission controls.

HR & Payroll

Sensitive payroll data locked behind dedicated roles; HR sees HR, not dispatch.

Security & Compliance

The full security stack: encryption, access controls, audit trails.

Stop running on admin-everything

Book a demo. We'll design a role model for your org and show it in action — from dispatcher to CFO.

Book a demoStart free with 50 credits

No credit card required. Credits never expire.