Request a demo
Spotnana builds direct integration to Travelodge
Learn more
Login Request a demo
All posts

Role-based access control supports tailored permissions for each user

By Sheryl Neutuch
| June 18, 2026 |
Innovation, Travel buyers, Travel sellers

It takes a village to run a travel program. 

Within a corporation there can be one or more travel managers, key stakeholders across finance and HR teams, and a wide range of specialized users including arrangers, event managers, and more, all supporting employees that travel. Travel management companies (TMCs) also have a range of operational roles and assign agents to specific duties.

To keep each user focused on the tasks they need to perform and reduce the risk of sharing sensitive data, it’s necessary to have granular control over permissions that define what a user can see and do in Spotnana.

This is why we’ve developed a new role-based access control system designed to provide unprecedented flexibility and control.

Now TMCs and travel managers can ensure every user has exactly the right level of access to data and functionality, creating a more secure, efficient, and tailored experience for everyone.

Structured access, built for scale

Spotnana’s role-based access control consists of three core elements: roles, groups and scope. Together these define who can do what and where within the platform.

Roles determine what a user can do

A role is a defined set of permissions aligned to specific responsibilities. Instead of granting full administrative access, permissions can be assigned based on a user’s responsibilities. Here are just a few examples of the specialized roles that are now available in Spotnana:

  • Reporting Administrator: Access and run analytics.
  • User Management Administrator: Add, edit, or remove user profiles.
  • Company Settings Administrator (read only): View policies without making changes.
  • Event Management Administrator: Create and manage event travel.
  • TMC Settings Administrator: Full access to TMC settings and configurations.
  • Agent: Access the task dashboard and booking tools.

In the future, Spotnana will support the ability to define custom roles based on a configurable combination of permissions.

Groups simplify user permission assignments

In Spotnana, a group is a set of users with a common set of access needs. Rather than assigning permissions to a user, each user is assigned to a group, and each group is matched to a set of permissions defined by a role and a scope.

Standard groups are available out of the box, and custom groups can be created to reflect your organization’s unique setup.

Scope determines where permissions apply

As administrators set up permissions, they often have to answer practical questions: Should a user be given access to data for all travelers? Should an agent be able to access tasks for all companies, or just for one company? 

With Spotnana’s scope controls, a user’s permissions can be limited to a specific set of individuals, event templates, or organizations.

Built for real-world use cases

Role-based access control addresses a wide range of operational challenges for both TMCs and corporations. Here are a few examples:

Stealth travel support team

If executives want to keep their travel confidential, a group can be established with access to a stealth agent role. The scope of the group can be limited to members of the executive team, allowing only a small number of people to book and manage sensitive trip itineraries.

Financial analyst team

For corporate finance teams, role-based access control enables precise access to essential insights without granting the permission to book a trip. A financial analyst group can be created with members assigned to the report management admin role. The scope for this group can be set to allow visibility into all traveler data or just a subset of legal entities, providing visibility into the right level of travel data for reporting and reconciliation needs. 

Dedicated agent team

A TMC might be contracted to staff a dedicated team of agents to a specific corporate account. To support this need, a group can be created with agent and trip manager roles assigned to each member and a scope limited to a specific client organization. 

Tailored control for modern travel

With role-based access control, Spotnana brings structure and flexibility to the way travel programs are managed. By combining roles, groups, and scope, organizations can precisely define access, protect sensitive data, and ensure every user stays focused on what matters most. 

The result is a more secure, efficient, and scalable experience built to support the needs of modern travel teams.

Ready to tailor your user permissions with role-based access control? Request a demo today.

Written by

Author Profile Picture

Sheryl Neutuch

Sheryl leads Spotnana's Product Marketing team and is responsible for communicating Spotnana's value to customers and internal teams alike. This means articulating what customers are struggling with, how Spotnana can solve their problems, and what sets Spotnana apart in the market.

Prior to Spotnana, Sheryl spent the last decade within the advertising technology space. She has most recently served as a product marketing leader at Spotify – joining prior to their IPO – and Amazon Ads. Earlier in her career, Sheryl worked on the advertiser supply side, including publisher USA Today, and also on the advertising agency side at world leading holding companies, including Publicis, Interpublic Group, and WPP. Sheryl holds a Bachelor's degree in English Literature from Rutgers College, Rutgers University.

Related articles