# Owner & administrator guide

Use this guide to set up and manage a Wallet-as-a-Service (Palisade) organization if you have the **Owner** or **Administrator** role.

Owner vs. Administrator
Owners and administrators share nearly identical permissions. The key difference: only **owners** can update organization-level settings. See [User roles and permissions](/products/wallet/user-interface/users-and-roles/user-roles-and-permissions) for the full permission matrix.

## What you can do

Use the table below to find the guide for each administrative task.

| Task | Guide |
|  --- | --- |
| Accept your invitation, sign in, and plan your org structure | [Initial setup](/products/wallet/admin-guide/initial-setup) |
| Invite, block, reset, and manage users | [Manage users and roles](/products/wallet/admin-guide/manage-users-and-roles) |
| Configure SSO with an identity provider | [Configure single sign-on](/products/wallet/admin-guide/configure-sso) |
| Approve, block, and manage devices | [Manage devices](/products/wallet/admin-guide/manage-devices) |
| Create quorums, reshare and restructure keys | [Manage MPC quorums](/products/wallet/admin-guide/manage-mpc-quorums) |
| Create vaults and wallets, configure wallet settings | [Configure wallets and vaults](/products/wallet/admin-guide/configure-wallets-and-vaults) |
| Design and apply transaction policies | [Configure transaction policies](/products/wallet/admin-guide/configure-policies) |
| Register counterparties and blockchain addresses | [Manage counterparties and addresses](/products/wallet/admin-guide/manage-counterparties) |
| Set up approval groups for governance | [Configure approval flows](/products/wallet/admin-guide/configure-approval-flows) |
| Create and scope API credentials | [Manage API credentials](/products/wallet/admin-guide/manage-api-credentials) |
| Set up webhook notifications | [Configure webhooks](/products/wallet/admin-guide/configure-webhooks) |
| Automate fund consolidation with sweeps | [Configure asset sweeping](/products/wallet/admin-guide/configure-asset-sweeping) |
| Freeze and unfreeze transactions for compliance | [Configure transaction freeze controls](/products/wallet/admin-guide/configure-transaction-freeze) |
| Create backup and recovery kits for wallet keys | [Configure backup and recovery](/products/wallet/admin-guide/configure-backup-and-recovery) |
| Stream audit logs to AWS Firehose | [Configure audit logging](/products/wallet/admin-guide/configure-audit-logging) |


## Before you begin

Make sure you have:

- An invitation email from Palisade for an Owner or Administrator account
- At least 2 devices available for MPC key shard distribution (mobile devices running Palisade Mobile, CloudSign instances, or a combination)
- A list of team members you plan to invite, along with their intended roles


Sandbox and production
Ripple provides sandbox access during onboarding so you can configure and test the platform before going live. Complete your setup in sandbox first, then repeat in production.

| Environment | Console URL | API base URL |
|  --- | --- | --- |
| Sandbox | `https://app.sandbox.palisade.co` | `https://api.sandbox.palisade.co` |
| Production | `https://app.palisade.co` | `https://api.palisade.co` |


## Recommended setup order

If you are setting up a new organization, follow these guides in order. Each step builds on the previous one.

1. [Initial setup](/products/wallet/admin-guide/initial-setup) — Sign in and plan your organization structure
2. [Configure single sign-on](/products/wallet/admin-guide/configure-sso) — Set up SSO before inviting users (if applicable)
3. [Manage users and roles](/products/wallet/admin-guide/manage-users-and-roles) — Invite your team
4. [Manage devices](/products/wallet/admin-guide/manage-devices) — Approve devices for MPC signing
5. [Configure backup and recovery](/products/wallet/admin-guide/configure-backup-and-recovery) — Set up AWS infrastructure for key backups before creating quorums
6. [Manage MPC quorums](/products/wallet/admin-guide/manage-mpc-quorums) — Create signing quorums and assign backup kits
7. [Configure wallets and vaults](/products/wallet/admin-guide/configure-wallets-and-vaults) — Create vaults and wallets
8. [Configure transaction freeze controls](/products/wallet/admin-guide/configure-transaction-freeze) — Configure wallet-level freeze behavior before enabling sends
9. [Configure transaction policies](/products/wallet/admin-guide/configure-policies) — Define allowed transactions
10. [Manage counterparties and addresses](/products/wallet/admin-guide/manage-counterparties) — Register external destinations
11. [Configure approval flows](/products/wallet/admin-guide/configure-approval-flows) — Add governance and human oversight
12. [Manage API credentials](/products/wallet/admin-guide/manage-api-credentials) — Set up programmatic access (if needed)
13. [Configure webhooks](/products/wallet/admin-guide/configure-webhooks) — Receive real-time event notifications
14. [Configure asset sweeping](/products/wallet/admin-guide/configure-asset-sweeping) — Automate fund consolidation (if needed)
15. [Configure audit logging](/products/wallet/admin-guide/configure-audit-logging) — Stream organization activity to AWS Firehose for compliance