Documentation Index
Fetch the complete documentation index at: https://developers.circle.com/llms.txt
Use this file to discover all available pages before exploring further.
Role-based access control (RBAC) in the
StableFX Console governs what each user
can see and do, with roles assigned at the account level across all users in an
organization.
Account types
The console supports two account types that determine the trading perspective:
| Account type | Description |
|---|
| Taker | Requests quotes, creates trades, and funds settlements. This is the primary trading role. |
| Maker | Reviews incoming trades, signs them to confirm intent, and funds the counterparty side of settlements. |
User roles
Each user is assigned one or more roles that control their permissions in the
console:
Taker roles
| Role | View trades | Create trades | Sign & fund | Manage team |
|---|
| Taker (Read & Write) | Yes | Yes | Yes | No |
| Taker (Read Only) | Yes | No | No | No |
| Taker (Limited AR) | Yes | Limited | Limited | No |
Maker roles
| Role | View trades | Sign trades | Fund trades | Manage team |
|---|
| Maker (Read & Write) | Yes | Yes | Yes | No |
| Maker (Read Only) | Yes | No | No | No |
| Maker (Limited AR) | Yes | Limited | Limited | No |
Admin capabilities
Account administrators can:
- Add and remove team members
- Assign roles and permissions to users
- Generate, rotate, and revoke API keys
- Configure trading parameters (for example, risk buffer percentages)
The Admin role is typically assigned to the account owner during onboarding.
Additional admins can be added through the team management interface.
Permission-gated features
Certain features in the console are only visible or accessible based on your
role:
| Feature | Required permission |
|---|
| View live rates | Any StableFX role |
| View trade history | Any StableFX role |
| Open trade form (taker) | Taker write role |
| Create a trade | Taker write role |
| Sign a confirmed trade (maker) | Maker write role + trade signature permission |
| Fund a trade | Write role (taker or maker) |
| Batch settle trades | Write role (taker or maker) |
| Access onboarding | KYB application permission |
| Download trade reports (CSV) | Any StableFX role |
API key permissions
API keys generated through the console inherit permissions based on their type:
| Key type | Can create quotes | Can create trades | Can read trades |
|---|
| Read & Write | Yes | Yes | Yes |
| Read Only | No | No | Yes |
Maker accounts cannot create quotes or trades via API, even with a Read &
Write key. These operations are restricted to taker accounts.
Onboarding requirements by role
| Role | KYB required | Individual screening | Wallet required |
|---|
| Admin | Yes | Yes (testnet and mainnet) | No |
| Taker / Maker (Read & Write) | Yes | Yes | Yes (for signing/funding) |
| Taker / Maker (Read Only) | No | No | No |
Users with a Read Only role are exempt from individual KYC screening. All
other roles require screening before access is granted.
Compliance controls
The console enforces several compliance controls:
- IP-based geo-blocking: Access is restricted from sanctioned and high-risk
jurisdictions.
- Sanctions screening: All non-viewer users undergo automated sanctions
screening during onboarding and on an ongoing basis.
- Mainnet gating: Users cannot access mainnet if any sanctions screening
alerts are unresolved.
- Activity logging: All actions (trades, signatures, API key changes, role
assignments) are logged with user ID and timestamp for audit purposes.
See also
