Back to Reimagine Hub

Feature · Reimagine Hub

Role-based permissions: every role sees only what it needs, audit trail included

Owner, front desk, team member, and customer each get their own scoped view. Audit trail on every access, two-factor confirmation for sensitive actions.
Book a live demoSee how it works in 4 steps

Live in production 13+ months · 4 industries · Founded by PhDs (ex-Google, Meta)

Response under 2 minutes Included in Starter No per-message fee Onboarding in 1 week

The pain you recognize

What goes wrong without role-based access control

When everyone can see and edit everything, sensitive data leaks, billing errors multiply, and there is no trail when something goes wrong.

Junior front desk applies a discount beyond their limit

Mia, two weeks on the job, gives a customer a 30% discount because they asked. The owner finds out at month-end that $400 of margin evaporated on one estimate. No discount cap per role, no warning before it was applied.

One team member sees another's commission and a conflict starts

Jake, a junior technician earning a flat rate, opens the team leaderboard and sees that senior technician Carlos earned $2,800 in commissions last month. Jake's flat rate was $600. He confronts Carlos and morale drops. Without isolated pay visibility, transparency becomes a problem.

A terminated employee still has system access weeks later

You let go of a front desk employee on a Friday. On Monday you realize the shared password they used still works. They accessed the customer list over the weekend. No individual logins, no instant access revocation.

A staff member exports the entire customer list without authorization

Your marketing coordinator pulls a full export of customer records to build a campaign. The file includes home addresses, payment history, and job notes. No export permission gate, no audit trail showing who exported what.

How it works

How role-based permissions work in 4 steps

From setting access levels to receiving an audit alert, every permission action is logged automatically.

1

Step 1: Reimagine team sets up 6 to 8 default roles during onboarding

Each industry has its own role set. Home services: Owner, Manager, Senior Coordinator, Junior Coordinator, Team Member, Client, Marketing, Accountant. Auto shop: Owner, Manager, Senior Technician, Junior Technician, Service Advisor, Client. Each role ships with a pre-built permission matrix for that industry.

2

Step 2: Granular permission matrix per area: read, write, approve, export

Each role has scoped access per area: customer records, estimates, contracts, payments, commissions, invoicing, scheduling, photo gallery, performance dashboard, company settings. Junior front desk can apply discounts up to 10%, senior up to 20%, owner unlimited. Every decision is logged in the audit trail.

3

Step 3: Customer gets a scoped self-service portal

The customer opens their portal via the link in their contract or payment receipt. They see only their own jobs, signed contracts, payment history, and photo gallery. They do not see any other customer's data. They can request a copy of their access log in one tap.

4

Step 4: Two-factor confirmation for sensitive actions plus full audit trail

Sensitive actions (deleting a customer record, changing commission rules, exporting the customer list, applying a discount above the role limit) require a second confirmation via authenticator app or biometric before executing. The audit trail logs every access: who, when, from where, what was viewed or changed, with a hash for tamper-evidence.

Real example

Role-based permissions in action: two real scenarios

See how Hub prevents a margin leak and handles instant offboarding.

Front desk coordinator is blocked from applying a 35% discount she thought was allowed

Persona

Mia is a new front desk coordinator at a roofing company in Atlanta. A long-time customer asked for a deep discount. Mia tried to apply 35%. Hub blocked it.

  1. Call with customer
    Mia

    Long-time customer requests 35% discount on a $2,100 estimate. Mia agrees and goes to apply it in Hub.

    Customer
    We've been with you for 5 years. Can you do 35% off for us this time?
    2:14 PM
  2. 2:16 PM
    Hub

    Blocks the discount. Shows Mia: 'Your role allows up to 15% discount. Requests above 15% require manager approval.'

    Hub
    Discount limit reached. Your role allows up to 15%. This request requires manager approval.
    2:16 PM
  3. 2:17 PM
    Mia

    Sends approval request to manager via Hub. Manager reviews and approves 20% as a one-time loyalty exception.

  4. 2:19 PM
    Customer

    Receives updated estimate with 20% discount applied and approved.

    Great news! We've applied a 20% loyalty discount to your estimate. Total is $1,680. Ready to schedule?
Outcome

Margin protected. Customer got a real discount with manager oversight. Mia learned the approval flow. The $420 difference between 35% and 20% stayed in the business.

Before vs. after

Reimagine Hub vs. ServiceTitan, Jobber, and HouseCall Pro on access control

Without Reimagine Hub

  • Junior front desk applies a discount beyond their limit. Owner finds out at month-end and the margin is already gone.
  • Team members see each other's pay in the shared dashboard. Morale conflict starts.
  • Terminated employee keeps system access until someone remembers to change the shared password.
  • Staff member exports the full customer list with no audit trail showing who did it or when.
  • Shared logins between front desk staff. One bad actor causes an incident that cannot be attributed.

With Reimagine Hub

  • Discount cap enforced per role. Hub blocks the transaction before it is applied if the limit is exceeded.
  • Each team member sees only their own jobs and commission. No cross-visibility into colleagues' pay.
  • Individual login per employee. Offboarded employee loses access in five seconds from the admin panel.
  • Export is a permission-gated action. Audit trail records who exported, when, and how many records.
  • Every login is individual. Every action is logged. Audit trail is available for any date range in seconds.

By the numbers

What businesses report after adding access controls

Results from businesses using Reimagine Hub role-based permissions across home services, auto shop, real estate, and property management.

100%
Actions logged in the audit trail
full history available for any date range
+14%
Margin improvement reported after adding discount limits
junior staff no longer apply discounts beyond their role
5s
Time to revoke a terminated employee's access
vs shared-password scenario that takes days to catch
0
Unauthorized data exports since audit trail was enabled
vs no visibility into who accessed what

Results vary by volume, service catalog, and configuration. Figures observed across Reimagine operations running this feature for 3+ months.

By industry

Role-based permissions across every industry

Every service business has roles that should not see everything. The same permission engine works for any team structure.

Live

Role-Based Permissions with Audit Trail for Home Services

Discount limits, team member pay isolation, customer portal

Home service businesses using Reimagine Hub permissions
Live

Role-Based Permissions with Audit Trail for Auto Shop

Technician vs. service advisor vs. manager access levels

Auto shops using Reimagine Hub role-based access
Live

Role-Based Permissions with Audit Trail for Real Estate

Agent vs. coordinator vs. broker visibility on deal pipeline

Real estate teams using Reimagine Hub permissions
Live

Role-Based Permissions with Audit Trail for Property Management

Tenant portal scoped to their own unit and payments

Property managers using Reimagine Hub role controls

What sets us apart

How Reimagine Hub compares to ServiceTitan, Jobber, and HouseCall Pro on user permissions

Most field service platforms offer basic user roles without granular control or audit trails. Hub gives you per-action permissions and a full access log.

ServiceTitan

What it is
Field service management with user roles
Limitation
Role-based access available but audit trail depth and sensitive-action two-factor confirmation require higher-tier plans
Hub
Hub ships audit trail and two-factor gates on sensitive actions at every plan level, including the base tier

Jobber

What it is
Job management with team permissions
Limitation
Basic role levels (admin, team member, client) without granular permission matrices per feature area
Hub
Hub offers per-feature-area permissions (read, write, approve, export) configurable per role, set up by the Reimagine onboarding team

GoHighLevel

What it is
CRM and marketing platform with user management
Limitation
User roles focused on CRM access, not field operations permissions like discount limits or technician-level pay isolation
Hub
Hub permissions are designed for field operations: discount caps, pay isolation, photo gallery access, and customer portal scoping

Direct comparison

Role-based permissions comparison: Reimagine Hub vs. alternatives

Key access control features across service business platforms.

FeatureReimagine HubServiceTitanJobberGoHighLevel
Granular per-feature permission matrix~~
Discount cap enforcement by role
Full audit trail per access~~
Two-factor gate for sensitive actions~
Instant access revocation on offboarding
Customer self-service portal scoped to own data~
Included in base plan
Has feature~ Partial / limited Not available

Technical honesty

What role-based permissions do not handle automatically

The permission system covers Hub access. A few adjacent scenarios need manual action.

External tools (email, accounting software, phone system) connected to Hub are not governed by Hub permissions and need their own access controls

Role changes for existing team members take effect immediately but past actions remain in the audit trail under the previous role

Custom roles beyond the 8 default templates require a configuration request to the Reimagine team

What Hub does instead

Hub flags any permission conflict (for example, a team member trying to access a feature above their role) and surfaces it in the admin access log with the timestamp and action attempted.

Comes with the Hub

Permissions connect to every feature in the Hub

Permissions run across every feature in the Hub. A team member's role determines what they see in the performance dashboard, what discounts they can apply on an estimate, whether they can export payment records, and which jobs appear in their schedule. Adding a new team member takes two minutes: set their role, send them a login link, done.

Live

Three-Way Digital Contract

Client, contractor, and tech each sign from their phone. Legally valid digital signature, no printer needed.

View feature
Live

Tech Commission Automation

Hub calculates each tech's commission the moment the job is paid. Tech sees it in real time. No spreadsheets, no disputes.

View feature
Live

Automatic Invoicing and Receipts

Job paid triggers an automatic invoice and receipt to the customer. Hub archives for compliance and exports monthly to your accountant. Zero manual entry.

View feature
Live

Conversations Linked to Job

Every customer message, photo, and update lives inside the job record. Any team member opens the job and sees everything.

View feature
Live

Multi-Team Scheduler

Hub assigns jobs to the right tech based on skill, location, and availability. No double-booking, no phone tag.

View feature
Live

Performance Dashboard with Deco AI

Revenue, margin, team member quality scores, average job value. Deco AI spots patterns you missed. Updates in real time as each payment comes in.

View feature
Live

AI Lead Prospecting with Deco

Deco AI finds the right customer on Google Maps, Zillow, and social, enriches with phone numbers, and sends a personalized text. Responders drop into the pipeline already tagged.

View feature
Live

AI Pre-Estimate via Text

AI reads the customer's description or photo and sends a price range in under 2 minutes, 24/7.

View feature

Every feature above comes inside the Reimagine Hub on the same plan. See all Reimagine Hub features or get in touch if you are looking for something specific.

Pricing

Included in every Reimagine Hub plan

No security add-on, no enterprise tier required. Role-based permissions and audit trail are part of the base Hub plan.

Book a demoExplore all Hub features

Glossary

Permission and audit trail terms explained

Plain-English definitions for access control concepts.

Role
A named set of permissions assigned to a user type (Owner, Manager, Front Desk, Team Member, Client). Each role determines what the user can see, edit, approve, and export within Hub.
Audit trail
A tamper-evident log of every access and action in Hub. Records who, when, from which device, and what was viewed or changed. Available for any date range from the admin panel.
Sensitive action gate
A two-factor confirmation step that blocks a sensitive operation (deleting a record, exporting data, applying an over-limit discount) until the user verifies with an authenticator app or biometric.
Scoped portal
A self-service view for the customer that shows only their own records. They see their jobs, signed contracts, payments, and photos, but nothing belonging to other customers.

FAQ

Frequently asked questions about role-based permissions

Can I create a custom role beyond the 8 defaults?

Yes. Custom roles are available on request. The Reimagine team configures them during or after onboarding based on your specific workflow.

How long is the audit trail stored?

Hub stores the audit trail for five years by default, which covers the standard compliance window for most service businesses.

What happens if a team member tries to perform an action above their permission level?

Hub blocks the action, shows the team member a clear message explaining the limit, and routes an approval request to the appropriate manager if the action has an approval workflow.

Can customers see the audit trail for their own data?

Yes. Customers can request a copy of who accessed their records via their self-service portal in one tap. The report covers the last 12 months.