Coinbase Prime requires the highest levels of security for each Prime client. This is why each authorized user on a Prime account has a unique role and unique permissions. This creates secure "checks and balances" for the account—we call this consensus management.
When first onboarding onto the Coinbase Prime platform, you'll need to fill out an Authorized User List (AUL). The account owner will choose the authorized users for the account and assign user roles for each authorized user. This tells us who is allowed to do what within the account.
Roles and Permissions
Every authorized user has an assigned role which comes with certain permissions. Your role tells you what you can and can't do within each account and portfolio.
Consensus Requirement: Portfolios must have a minimum of 1 Initiator permission and 1 Approver permission at all times. Keep this in mind when you're selecting roles.
Each authorized user can only have one assigned role. However, during onboarding, we'll work with you to establish the user roster for your initial portfolio. For clients who want more customization, you can create additional portfolios and assign user access within those additional portfolios. After onboarding is complete, if you'd like additional portfolios within your account, please reach out to our Prime Operations team at [email protected]
The Administrator has full access throughout Coinbase Prime. An Administrator is a unique role in that it can perform every permission available.
An Auditor's only permission is the Read permission, which means the Auditor can view all pages within Prime as well as download statements, invoices, and reports.
The Initiator can Read and Initiate. Initiators have read-only permissions as well as the ability to initiate transfers and changes to the settings. These initiations will need to be approved by consensus.
The Approver can Read and Approve. The Approve permission grants the ability to approve or reject consensus activities, like transfers and changes to the settings. Approvers also have read-only permissions.
The Authorized Signatory can Read, Initiate, and Approve. Aside from the read-only permission, Authorized Signatories can initiate and approve consensus activities, like transfers and changes to the settings.
Traders can Read and Trade. The Trader has the read-only permission, and can also place orders via the Trade page.
Full Traders have the same Read and Trade permissions as Traders, but with the added permission of Initiate. The Full Trader can place orders via the Trade page, and can also initiate (not approve) transfers and updates to consensus settings.
Team Management has the sole permission of managing the team. The Team Management role can assign and change roles for each person in each portfolio.
Permissions are the actions that a person can take on an account and portfolio. As noted above, certain permissions are available based on the assigned role. Permissioning is essential for Consensus management as it provides checks and balances throughout the account, which provides the highest level of security.
Reminder: Portfolios must have a minimum of 1 Initiator permission and 1 Approver permission at all times.
The read permission is essentially "view only." Roles with Read enable team members to see portfolio balances, view transaction histories, see the makeup of a portfolio, and much more.
Initiate is a permission that can start actions on an account, such as withdrawals off platform, settings changes, etc. Initiated transactions will have to be approved through consensus.
Once an action is initiated, it will then be approved or denied. The Approve permission determines if an action is carried out on an account after initiation.
The trade permission gives the person with the Trader role the ability to trade crypto within that portfolio. If you have the Trade permission, you can trade crypto.
Team management allows for assigning roles and permissions to each team member within an account and portfolio. Roles can be changed later on by the Team Management permission.
Consensus is the number of user approvals needed for each action. By default, when an account is first established right after onboarding, consensus will default to a majority approval at a Portfolio level. Clients can modify consensus settings within the Prime Settings page to customize their preferences. For example, if the consensus is set to 16 and an action is initiated, 16 approvals are needed by the team in order for that trade to go through.
Video calls are a built-in security measure for Coinbase Prime. They're a way for the Prime team to verify the client really is who they say they are. Video calls are needed for certain authorizations, such as account withdrawals, on Coinbase Prime.
Roles and Permissions chart
How to fill out the Authorized User List (AUL)
Please read the definitions above to help you choose the Roles and Responsibilities on your Coinbase Prime account. You will need to fill out the AUL during onboarding for Coinbase Prime, so you must know the Roles and Responsibilities. For help filling out the AUL, know the Roles and Responsibilities and see the AUL screenshot below for guidance.