Your Bron workspace is designed for secure, collaborative asset management. By inviting users and assigning roles, you can distribute responsibilities while maintaining full control over critical actions. Together with security policies and transaction limits, this creates a structured and safe environment for managing funds as a team.

Bron supports five roles within a workspace:

Owner has full control over the workspace and assets — they can perform any action, including withdrawals, swaps, staking, managing users, and updating security settings.

Member has operational access to assets and can interact with funds (withdraw, swap, stake), but cannot manage other users or change security settings.

Viewer has read-only access. They can view balances and activity and may be required to confirm transactions or approvals, but cannot initiate or execute transactions independently.

Guardian is a trusted contact for account recovery — they help regain access to the workspace if it is lost.

Beneficiary is a designated recipient of the workspace assets in the event of the owner's passing or incapacitation. Beneficiaries are configured as part of the inheritance setup — see Inheritance for details.

Owners can configure additional controls that affect how users interact with the workspace.

Depending on your Security Policies and Transaction Limits settings, users may be required to approve transactions before execution, approve transaction limit changes, approve address book updates, or approve user changes.

These approval requirements depend on your workspace configuration: if Member Approval is enabled in Security Policies, designated users must approve critical actions; if Security Delay is enabled, actions are delayed before taking effect instead of requiring approval. Transaction limits can also require approvals or delays depending on the configured rules.

For more details about how approvals and protections work, see Security Policies.

To invite a new user to your workspace, enter their email address and assign their role and permissions.

If Approve User Changes is enabled in your Security Policies, adding a new user will only take effect after another authorized user reviews and approves the action.

Once approved, an email invitation is sent to the specified address with a link to set up their account. The invited user must follow the link, set up their passkey, and accept the invitation to join the workspace. After that, they'll be able to take any actions allowed by their role.

You can modify the role and permissions of any user, or deactivate them, at any time.

If protection for user changes is enabled in your Security Policies, these actions will not take effect immediately — they'll either require approval from an authorized user (Member Approval, Enterprise only) or be applied after a delay (Security Delay, all plans). This ensures that changes to user access cannot be made instantly without oversight.

When a user is deactivated, they immediately lose all access to the workspace. They will no longer be able to log in, view balances or transaction history, initiate or approve any actions, or interact with the workspace in any way.

If your role is Guardian or Member, you can remove yourself from the workspace at any time. To do this, go to Settings → Workspace Details and click Leave Workspace.

To change a user's role:

Keep in mind that role changes only affect access level. Approval rules are managed separately in Security Policies, and transaction rules are configured in Transaction Limits.

If you have questions, contact our support team via messenger on the Bron platform or by email support@bron.org.