Capabilities matrix — who can do what (and why)
This page is the internal cheat sheet for “which menu appears for whom” and why Skilladder splits roles the way it does. It is not a legal contract: feature flags, customer deals, and company staff toggle rows can change what a specific login sees. Always verify in a seeded account before a customer demo.
Design principles (why so many roles?)
- Tenant safety — A normal customer admin should see their organisation only, not accidentally browse another company’s candidates.
- Content vs operations — Directory (“Content admin”) exists so taxonomy and reusable assessment content stay high quality without giving every HR user “god mode.”
- Portfolio scale — MCA exists for managed service / multi‑employer programmes that must copy, deploy, or monitor across companies with one login.
- Least privilege inside a company — Company staff get granular toggles (create assessments, manage templates, browse question bank, invite candidates, view results) so deputies are not copies of the primary admin.
- Participant isolation — Talent / Candidate personas get a minimal shell (dashboard + skill profile) so assessment-taking stays focused and low risk.
Sidebar & major areas (typical)
Legend: ● = generally yes · ◐ = conditional (staff toggles or special rules) · — = no
| Area | Platform | Directory (Content admin) | MCA | Company primary | Company staff | Staff viewer | Talent / Candidate |
|---|---|---|---|---|---|---|---|
| Dashboard | ● (internal-style) | ● “Content admin” framing | ● Multi‑company view | ● Company metrics | ● If not blocked | ● Read-oriented | ● Participant dashboard |
| Assessments | ● | ● Content stewardship | ● Portfolio scope | ● | ◐ canCreateAssessments etc. | ● View depends on role | — |
| Templates | ● | ● | ● Deploy / duplicate where allowed | ● | ◐ canManageTemplates vs read | ● List read | — |
| Candidates | ● | — (product choice: directory focuses on content) | ● | ● | ◐ needs canViewResults for many views | ● | — |
| Skill Profile | — | — | — | — | — | — | ● |
| Skills (taxonomy) | ● | ● Strong focus | ● | ● | ◐ taxonomy often tied to canViewResults | ● | — |
| Question Bank | ● Operator | ● Operator | ● Browse / portfolio | ● Browse / use | ◐ Question bank (browse) toggle | ● Read-style | — |
| Companies | ● | — | ● | — | — | — | — |
| Portfolio access / Registration domains | ● (policy tooling) | — | ◐ assignment-dependent | — | — | — | — |
Question Bank operators are Platform and Directory (create/edit/review/import/usage dashboards). Other roles typically consume bank content when building assessments.
Company staff toggle reference (Account → Team)
When someone is company staff (not the primary admin), Skilladder stores a small JSON permission set:
| Toggle (UI meaning) | Engineering key | Typical intent |
|---|---|---|
| Create assessments | canCreateAssessments | Author new live assessments / flows that depend on this permission. |
| View results & analytics | canViewResults | Candidates area, exports in some paths, taxonomy visibility often coupled to this—do not assume without testing. |
| Invite candidates / share | canInviteCandidates | Distribution of participant flows where the product gates on this flag. |
| Question bank (browse) | canManageQuestionBank | Misleading key name: enables route access / browse of the Question Bank for staff—not the same as operator rights (those stay Platform/Directory). |
| Manage assessment templates | canManageTemplates | Curate template artefacts for the company when allowed. |
If the API cannot load permissions, the client may deny staff-gated actions until the error is fixed—treat that as an incident, not “the user is wrong.”
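The staff toggle check and its fail-closed behaviour, as an added example (not Skilladder's own code). Only the five toggle keys come from this page; the action names, function names and the flat boolean JSON shape are assumptions.

```javascript
// Added example, not Skilladder code. Only the five toggle keys come from the page;
// action names, function names and the flat boolean JSON shape are assumptions.
const STAFF_TOGGLES = [
  "canCreateAssessments", "canViewResults", "canInviteCandidates",
  "canManageQuestionBank", "canManageTemplates",
];

// Hypothetical action names and the toggle that gates each one for company staff.
const STAFF_ACTION_TOGGLE = new Map([
  ["assessment.create", "canCreateAssessments"],
  ["candidates.view", "canViewResults"],
  ["candidates.invite", "canInviteCandidates"],
  ["questionBank.browse", "canManageQuestionBank"],
  ["templates.manage", "canManageTemplates"],
]);

// Operator actions on the Question Bank stay with Platform and Directory,
// so no staff toggle (canManageQuestionBank included) can grant them.
const OPERATOR_ACTIONS = new Set(["questionBank.edit", "questionBank.review", "questionBank.import"]);

// Parse the stored permission set. Only a literal `true` switches a toggle on.
// Returns null when the payload is missing or malformed (load failure).
function parseStaffPermissions(raw) {
  let obj;
  try {
    obj = typeof raw === "string" ? JSON.parse(raw) : raw;
  } catch {
    return null;
  }
  if (obj === null || typeof obj !== "object" || Array.isArray(obj)) return null;
  const perms = {};
  for (const key of STAFF_TOGGLES) perms[key] = obj[key] === true;
  return perms;
}

// Decide one action for a company staff login. Every failure path denies;
// `reason` separates "toggle is off" from "permissions could not be loaded",
// which is the case to raise as an incident rather than a user error.
function decideStaffAction(action, rawPermissions) {
  if (OPERATOR_ACTIONS.has(action)) return { allow: false, reason: "operator-only" };
  const toggle = STAFF_ACTION_TOGGLE.get(action);
  if (!toggle) return { allow: false, reason: "unknown-action" };
  const perms = parseStaffPermissions(rawPermissions);
  if (perms === null) return { allow: false, reason: "permissions-unavailable" };
  return perms[toggle] ? { allow: true, reason: toggle } : { allow: false, reason: "toggle-off" };
}
```

Logging or alerting on the `permissions-unavailable` reason separately from `toggle-off` is what lets support tell a broken permission load apart from a deputy who simply lacks the toggle.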
Where to read more
- Platform & Directory admins — elevated internal roles.
- Multi‑company administrator (MCA) — portfolio context.
- Company administrators & staff — customer roles and granularity.
- Talent & candidates — participant shell.
- Question Bank — bank-specific access and lifecycle.
Questions about a specific customer login — Slack #producttech_cooking with user id + company id (redacted in external comms).