Every person in your organisation has a permission level that controls what they can do in Nagaris. You'll see it in the Permission column of the Team page and choose it in the Invite as field when inviting someone.
Owner — the highest level. Owners can do everything Administrators can, and are the only ones who can grant or remove the Owner permission.
Administrator — full management access: invite team members, resend and revoke invitations, edit organisation settings (practice details, branding, brand colours, tax agent details, sync preferences), manage the team (permissions, job titles, roles, rates, AML access), and create or edit roles.
Member — standard staff access for day-to-day client work. Members see the workspace but not the management controls: they can't invite people or edit team and organisation settings, and management fields on the Team page are read-only for them.
Client — a restricted level for your firm's clients. Client users get a client-specific view rather than the staff workspace, and aren't shown in the team's Permission filter (clients are invited from their client page, not the team page).
No Access — the person remains listed but can no longer access the organisation. Use it to deactivate a departed staff member without deleting their history.
Permissions are ranked: Owner above Administrator, above Member, above Client, above No Access. Throughout the help centre, firm admins means anyone with the Administrator or Owner permission.
Permissions are changed inline in the Permission column of the Team page (or in bulk — see managing your team):
Owners can set anyone to Owner, Administrator, Member or No Access.
Administrators can set people to Administrator, Member or No Access — they cannot grant or remove the Owner permission, and they can't change the permission of someone ranked above them.
Members and below can't change permissions; they see permission levels as read-only badges.
When a change succeeds you'll see a confirmation such as Permission updated to Administrator.
Nagaris keeps two separate concepts, and both appear as columns on the Team page:
Permission — what someone can do in Nagaris (this article).
Role — their job role, such as Senior Accountant, created on the Roles page. Roles carry base and billable rates used for engagements and pricing, and one role can be marked as a person's primary role. Roles have no effect on what a person can access.
So a Senior Partner might have the Owner permission and a Partner role, while a graduate has the Member permission and a Junior Accountant role.
Certain sensitive areas have an extra per-person switch on top of permissions — for example AML Access on the Team page controls who can use anti-money-laundering features, independent of being a Member or Administrator.
You can't delete your own membership from the Team page — another administrator has to remove you.