Overview
Organization roles determine what actions members can perform within the organization and its projects. Understanding roles helps you grant appropriate access to team members.
Available Roles
Owner
The organization creator or designated owner with full control.| Capability | Access |
|---|---|
| View organization | Yes |
| Create projects | Yes |
| Delete projects | Yes |
| Invite members | Yes |
| Remove members | Yes |
| Change member roles | Yes |
| Update organization settings | Yes |
| Manage security settings | Yes |
| Delete organization | Yes |
Admin
Full administrative access without the ability to delete the organization.| Capability | Access |
|---|---|
| View organization | Yes |
| Create projects | Yes |
| Delete projects | Yes |
| Invite members | Yes |
| Remove members | Yes |
| Change member roles | Yes |
| Update organization settings | Yes |
| Manage security settings | Yes |
| Delete organization | No |
Member
Standard access with permissions determined at the project level.| Capability | Access |
|---|---|
| View organization | Yes |
| Create projects | No |
| Delete projects | No |
| Invite members | No |
| Remove members | No |
| Change member roles | No |
| Update organization settings | No |
| Manage security settings | No |
| Delete organization | No |
Role Comparison Matrix
| Action | Owner | Admin | Member |
|---|---|---|---|
| View organization | ✓ | ✓ | ✓ |
| View projects list | ✓ | ✓ | ✓ |
| Access assigned projects | ✓ | ✓ | ✓ |
| View organization entities | ✓ | ✓ | ✓ |
| Create projects | ✓ | ✓ | ✗ |
| Delete projects | ✓ | ✓ | ✗ |
| Access organization settings | ✓ | ✓ | ✗ |
| Invite members | ✓ | ✓ | ✗ |
| Remove members | ✓ | ✓ | ✗ |
| Change member roles | ✓ | ✓ | ✗ |
| Configure SSO | ✓ | ✓ | ✗ |
| Configure audit logs | ✓ | ✓ | ✗ |
| Leave organization | ✓ | ✓ | ✓ |
| Delete organization | ✓ | ✗ | ✗ |
Changing Member Roles
Only Owners and Admins can change member roles.
The role change takes effect immediately.
Role Change Dialog
When changing a role, you’ll see:| Field | Description |
|---|---|
| Member Name | The member whose role is being changed |
| Member Email | Their email address |
| Current Role | Their existing role |
| New Role | Dropdown to select the new role |
Removing Members
Owners and Admins can remove members from the organization.
When a member is removed:
- They immediately lose access to the organization
- They lose access to all projects within the organization
- Their past actions remain in activity logs
- They can be re-invited later if needed
Project-Level Permissions
Organization roles determine organization-level access. Within projects, additional permission levels apply:| Project Role | Capabilities |
|---|---|
| Owner | Full project access, can delete project |
| Admin | Full project access, cannot delete |
| Editor | Can view and edit data |
| Viewer | Read-only access |
Organization Admins and Owners automatically have full access to all projects. Members need to be explicitly granted access to each project.
Role Recommendations
When to Use Owner
- Organization creator
- Primary account holder
- Person responsible for billing
- Only one or two people should be Owners
When to Use Admin
- Department heads
- Team leads
- IT administrators
- People who need to manage members and settings
When to Use Member
- Regular team members
- External collaborators
- Contractors
- Anyone who only needs project access
Best Practices
Limit Owner and Admin roles
Limit Owner and Admin roles
Keep the number of Owners and Admins small. Most users should be Members with project-specific access.
Use least-privilege principle
Use least-privilege principle
Give members only the access they need. Start with Member role and upgrade if necessary.
Review roles regularly
Review roles regularly
Periodically audit member roles and remove unnecessary elevated permissions.
Document role assignments
Document role assignments
Keep track of why certain people have Admin or Owner roles.
Have backup Owners
Have backup Owners
Ensure at least two people have Owner access in case one is unavailable.
Troubleshooting
Cannot change a member's role
Cannot change a member's role
You need Admin or Owner permissions to change roles. Check your own role in the Members list.
Cannot remove the last Owner
Cannot remove the last Owner
Organizations must have at least one Owner. Transfer ownership to another member before leaving or removing the Owner.
Member can't access settings
Member can't access settings
Members don’t have access to organization settings. They need to be upgraded to Admin or have an Admin make changes for them.
Role change not taking effect
Role change not taking effect
The member may need to refresh their browser or log out and back in for changes to take effect.