Tray Org setup
Workspace typesCopy
It is vital that you set up your Tray org in a way that meets the needs of your company.
When doing so it is key to bear in mind that there are three types of workspace within a Tray Organization as illustrated by the following diagram:
Workspace | Description |
|---|---|
Organization (1 per Tray account) | All users have controlled access |
Personal | Each user has their own personal workspace, where only they can create assets (which can subsequently be shared) |
Custom / shared workspaces | Only specified shared workspace members have controlled access |
Embedded workspace (1 per Tray account - Embedded customers only) | The only type of workspace where you can create Solutions that drive Embedded integrations |
Organization / account rolesCopy
Within an Organization / account there are 3 types of roles:
Role | Description |
|---|---|
Owner (1 per org / account) | The person who created the Tray account and is granted the highest level of access to all Org assets, members and analytics Can access other users’ assets in any workspace (including personal) In charge of the billing information |
Org Admin | Can manage all asset types (workflows, authentications, services, etc.) within the Org workspace Can manage members Can access other users’ assets in any workspace (including personal) Can view all analytics |
Org Contributor | Can manage all asset types (workflows, authentications, services, etc.) within the Org workspace Can only access shared workspaces they are given access to |
Org Viewer | Can only view assets within the Org workspace Can only access shared workspaces they are given access to |
Some recommendations for management of your Organization workspace:
Your Org Owner should be an identified individual from within IT / Biz ops
The Org Admin role should also only be assigned to appropriate individuals within IT / Biz ops
For all other members of the Org workspace, the Viewer role should be used as much as possible, and the Contributor role used only sparingly
The Organization workspace should not be used for building production workflows. These should be built in shared workspaces (see below)
Shared workspacesCopy
Additional Workspaces can be created and used to sub-divide your organization to however suits your business needs. For example by:
Company department (sales, marketing, HR etc.)
Project units
Teams
Implementation types (Data syncing, ETL etc.)
You should also set up your workspaces in a way that will facilitate Environment Promotion
When creating shared workspaces you can assign the appropriate level of access to each member (admin, contributor or viewer).
Workspace members can have a higher level of access than they do at Org level.
For example, an Org workspace 'viewer' could be a shared workspace 'admin'.
The creator of a shared workspace is automatically granted the role of workspace Admin.
If your member is an Admin or Owner of the Organization, they can only be added to shared workspaces as a Workspace Admin. They cannot be demoted unless their organization role is demoted to a role lower than Organization Admin.
Embedded account setupCopy
Customers wishing to create Solutions to act as the basis for End User-activated integrations will need to do so in an Embedded workspace.
It is currently not possible to create Solutions in shared workspaces.
Please see our Environment Promotion documentation for more guidance on how to set up your Embedded workspace to meet your needs.
Instance-level alerting setupCopy
It is recommended that you set up instance-level alerting for your organization as soon as possible to help you monitor and process errors being generated by your projects and workflows.
You can become more granular in your approach as you become more familiar with Tray and your own automation requirements, but this should be set up from the start.
Embedded customers should make use of the Solution Alert trigger and the Solution Instance trigger and follow our guidance on Embedded error handling.