Tray Org setup

Workspace types

It is vital that you set up your Tray org in a way that meets the needs of your company.

When doing so it is key to bear in mind that there are three types of workspace within a Tray Organization as illustrated by the following diagram:



Organization (1 per Tray account)

All users have controlled access


Each user has their own personal workspace, where only they can create assets (which can subsequently be shared)

Custom / shared workspaces

Only specified shared workspace members have controlled access

Embedded workspace (1 per Tray account - Embedded customers only)

The only type of workspace where you can create Solutions that drive Embedded integrations

Organization / account roles

Within an Organization / account there are 3 types of roles:



Owner (1 per org / account)

The person who created the Tray account and is granted the highest level of access to all Org assets, members and analytics

Can access other users’ assets in any workspace (including personal)

In charge of the billing information

Org Admin

Can manage all asset types (workflows, authentications, services, etc.) within the Org workspace

Can manage members

Can access other users’ assets in any workspace (including personal)

Can view all analytics

Org Contributor

Can manage all asset types (workflows, authentications, services, etc.) within the Org workspace

Can only access shared workspaces they are given access to

Org Viewer

Can only view assets within the Org workspace

Can only access shared workspaces they are given access to

Some recommendations for management of your Organization workspace:

  • Your Org Owner should be an identified individual from within IT / Biz ops

  • The Org Admin role should also only be assigned to appropriate individuals within IT / Biz ops

  • For all other members of the Org workspace, the Viewer role should be used as much as possible, and the Contributor role used only sparingly

  • The Organization workspace should not be used for building production workflows. These should be built in shared workspaces (see below)

Shared workspaces

Additional Workspaces can be created and used to sub-divide your organization to however suits your business needs. For example by:

  • Company department (sales, marketing, HR etc.)

  • Project units

  • Teams

  • Implementation types (Data syncing, ETL etc.)

You should also set up your workspaces in a way that will facilitate Environment Promotion

When creating shared workspaces you can assign the appropriate level of access to each member (admin, contributor or viewer).

Workspace members can have a higher level of access than they do at Org level.

For example, an Org workspace 'viewer' could be a shared workspace 'admin'.

The creator of a shared workspace is automatically granted the role of workspace Admin.

If your member is an Admin or Owner of the Organization, they can only be added to shared workspaces as a Workspace Admin. They cannot be demoted unless their organization role is demoted to a role lower than Organization Admin.

Embedded account setup

Customers wishing to create Solutions to act as the basis for End User-activated integrations will need to do so in an Embedded workspace.

It is currently not possible to create Solutions in shared workspaces.

Please see our Environment Promotion documentation for more guidance on how to set up your Embedded workspace to meet your needs.

Instance-level alerting setup

It is recommended that you set up instance-level alerting for your organization as soon as possible to help you monitor and process errors being generated by your projects and workflows.

You can become more granular in your approach as you become more familiar with Tray and your own automation requirements, but this should be set up from the start.

Embedded customers should make use of the Solution Alert trigger and the Solution Instance trigger and follow our guidance on Embedded error handling.