Your Ticket to the Platform

Business Privilege is the first and most important tier in Luklak’s security model. Think of it as a user’s passport or campus ID badge—it determines if they are allowed to enter the system at all and defines their maximum, unchangeable authority across the entire platform.
Every account, whether it’s a User account or a Functional account, must be assigned one of the four Business Privileges. This is a global setting that precedes all other permissions.

The Four Privilege Levels

There are four distinct levels of Business Privilege, each designed for a specific scope of responsibility.

Owner

The single highest authority. The Owner can manage billing, transfer ownership of the entire instance, and holds all permissions of the Admin role. There can only be one Owner.

Admin

A system administrator with full configuration power. Admins can manage all users, groups, roles, global settings, and have the ability to access and configure any part of the platform.

App Manager

A specialized builder role. App Managers can design, create, edit, and manage 📋 Functions. This role is ideal for solution architects or department heads who build and maintain processes without needing full admin rights like user management.

Member

The standard privilege for most team members. Members can work within the ⏹️ Spaces and 🧊 Objects they are granted access to via Tier 2 and Tier 3 permissions, but they cannot access global settings or design 📋 Functions.

How to Assign and Manage Privileges

Assigning a Business Privilege is a high-level administrative action.
Assigning Owner or Admin privileges grants extensive control over your entire Luklak instance. Grant these privileges with caution and only to trusted personnel.
# Tutorial: Assigning a Business Privilege

! Important: You must have Owner or Admin privileges to manage other users' privileges.

## Section 1: Navigate to User Management

1.  **Open Global Settings**
    Click on the main menu and select `Global Settings`.

2.  **Select User Management**
    In the settings panel, navigate to the `User Management` section. You will see a list of all users in your instance.

## Section 2: Change a User's Privilege

1.  **Select a User**
    Click on the user whose privilege you wish to change. Their profile details will open in a side panel.

2.  **Choose the New Privilege**
    Find the "Business Privilege" dropdown menu. Select the desired level: `Owner`, `Admin`, `App Manager`, or `Member`.
    ![A user's profile panel with the "Business Privilege" dropdown open, showing the four options.](https://via.placeholder.com/1200x600.png/000000/FFFFFF?text=Step%202:%20Choose%20Privilege)

3.  **Confirm the Change**
    The change is saved automatically and takes effect immediately. The user will now operate under their new system-wide authority.

What’s Next?

Now that you understand how to grant users access to the platform, the next step is to define what they can access within it.