Beta Limitations for Organizations

Organizations Beta gives institutional clients a fully functional governance layer for their Kraken accounts.

What is included in Beta

During Beta you can:

  • Create an Organization and invite team members
  • Assign permissions for trading, funding, and administration
  • Configure approval policies per workflow
  • Require multi-party approval for withdrawals, address changes, access changes, and policy changes
  • Lock policies to prevent unilateral changes
  • Create Service Users for programmatic API access
  • Enforce Organization Sign-in 2FA and session timeout policies

Current limitations

The following limitations apply during Beta and are expected to change in future releases.

Single-account model

Your Organization operates on the Owner's primary account. Multi-account trading — where Members operate across separate sub-accounts with independent balances — is not yet available.

What this means: All Members with trading permissions trade on the same account and share the same balances and positions.

Limited permission scope

Members can only perform operations where the platform has a defined Organization permission. The available permissions are:

  • Trade (Spot and Margin)
  • Earn Allocate / Deallocate
  • Initiate Withdrawal
  • Manage Addresses
  • Manage Access
  • Manage Policies

Owner-only operations

Operations not listed above remain exclusive to the Organization Owner. This includes:

  • Futures trading
  • OTC trading
  • Convert
  • Custody settlements
  • Any platform operation without a corresponding Organization permission

The Owner performs these using the same flows as before Organization creation. Other Members cannot access these operations during Beta.

No client-facing audit logs

Security events and audit logs for Member activity are not available during Beta. A self-service audit dashboard is planned but not yet available.

Custom roles cannot be saved

You can create custom permission configurations when assigning roles, but you cannot save a custom role as a reusable template. Each time you assign a custom role, you configure it from scratch.

Email confirmation sent to Owner

When a Member uses Execute to complete an address change immediately, the system requires email confirmation. During Beta, this confirmation is always sent to the Organization Owner, not to the Member who initiated the change. Sending the confirmation to the request creator directly is planned for a future release.

No public Organizations management API

During Beta, there is no public Organizations management API for member invitation, permission management, policy configuration, or policy locking. Programmatic access is limited to Service Users acting through API key permissions on supported flows.

Known differences:

  • Member invitation and permission management — available in the UI only
  • Policy configuration and locking — available in the UI only
  • Withdrawal requests — available through Service Users / API keys; when an Organization policy is configured, the request enters the approval queue
  • Trading and Earn operations via Service Users — available through API keys only (Service Users cannot access the UI)

Check the Kraken API documentation for the latest on supported API key operations.

If an operation you need is not yet available through your preferred channel, check the other channel or contact support for guidance.

Withdrawal API response shape changes

When an account is enrolled in an Organization, the withdrawFunds EAPI response shape changes. Integrations parsing the standard shape need code updates before enrollment.

Applies only to Organization users in the extended domain. Non-Organization accounts are unchanged.

Standard response:

<code>{
 "error": [],
 "result": {
  "refid": "FTRqeuR-9Is99qcv54n0Y0535oPXxb"
 }
}</code>

Organization response:

<code>{
 "error": [],
 "result": {
  "refid": "FTcLNGa-4ZWmo4GCo8wrBNZz5v53v9",
  "approval_request_id": "656a021a-1d55-42c9-853a-aea57bf5abd1"
 }
}</code>

Behavior:

  • refid is still returned at request creation and continues to identify the withdrawal.
  • approval_request_id is added and identifies the approval request that gates this withdrawal.
  • The withdrawal completes only after the approval request is approved. Rejected or expired approval requests do not produce a completed withdrawal against the refid.

Recommended action before enrollment:

  • Audit code that parses withdrawFunds responses.
  • Update parsing to accept the additional approval_request_id field and to treat completion as approval-gated.

What's next

The Organizations team is actively working on expanding the feature set beyond Beta. Areas under development include:

  • Multi-account support with segregated balances
  • Expanded permission coverage for additional platform operations
  • Client-facing audit logs and activity dashboard
  • Reusable custom role templates

Specific timelines and availability will be communicated through official Kraken channels.

Need more help?