Cooperation Permission Restrictions
When you share a plant or portfolio with a partner organization, the level you share at becomes a ceiling: the partner can never grant their own members more access than you gave them. This keeps cross-organization sharing safe and predictable — you stay in control of how far your resources travel.
Concept
A cooperation lets two organizations share parks and portfolios across the organization boundary. Each shared resource is shared at a specific job role, and that role caps everything the receiving side can do with it.
Two rules make this work:
- Admin-only reach. Only an organization Admin on the receiving side can access and delegate cooperation-shared resources. Other roles (Moderator, Asset Manager (Technical), Asset Manager (Commercial), Member, External) cannot see or manage resources that arrived through a cooperation — they only ever interact with their own organization's resources.
- Capped delegation. The receiving admin can hand a shared resource to their own members only at a role no higher than the one it was shared at, and only within an allowed set (see below).
Info
This is intentionally stricter than normal in-organization permission management. Resources that cross an organization boundary are funnelled through admins so there is always a single accountable owner on each side.
Permission Hierarchy
Job roles on a resource run from highest to lowest authority. Cooperation sharing always picks one of these as the shared level:
Note: Asset Manager is the commercial-authority peer of Technical Manager and may also be shared as a capped level.
The Operator role is reserved for resources an organization owns directly. You can never share or re-grant a resource at the Operator level through a cooperation — that authority does not cross the organization boundary.
How Capped Delegation Works
When Organization A shares a resource with Organization B at a given level, Organization B's admins can:
- Access the resource automatically at the shared level (admins only).
- Delegate to their own members — but only within the allowed set for that shared level.
The allowed set for a cooperation-shared resource is always Viewer plus the shared role itself. A receiving admin chooses between giving a member read-only access (Viewer) or the full shared level — nothing in between, and never higher.
| Shared at | Receiving admin may grant members | Never allowed |
|---|---|---|
| Technical Manager | Viewer, Technical Manager | Operator, anything higher |
| Asset Manager (commercial authority) | Viewer, Asset Manager | Operator, anything higher |
| Viewer (read-only) | Viewer | every higher role |
Example Scenario
Warning
A member who receives a cooperation-shared resource sees exactly what their granted level allows — no more than the organization that owns the plant chose to share. If the sharing organization later lowers the shared level or removes the cooperation, the receiving members' access is reduced or revoked accordingly.
Managing Cooperation Permissions
You manage what your organization shares, and what it re-grants, from the cooperation and member-permission areas of the platform:
- What you share out — only the resource-owning organization can set the level at which a park or portfolio is shared through a cooperation, and can set an optional expiration on that share.
- What you delegate in — a receiving admin grants the shared resource to their own members within the allowed set above, optionally with an expiration date.
These surfaces are also available through the public REST API (see the live /docs). The same caps are enforced no matter how a grant is made, so the API can never be used to exceed the shared level.
Related Features
- Permission System — organization roles, job roles, and how they map to resource access
- Cooperations — how to create, pause, and expire cross-organization sharing
- Invitations — inviting members and partner organizations
- Audit Log — who accessed shared plant infrastructure and when