Organization Roles
:::info Coming Soon This feature is under active development. The design below reflects our planned implementation. :::
Organization roles control what members can do within an organization. These are separate from application-level roles and are scoped to a specific organization.
Default Roles
Every organization comes with two built-in roles:
| Role | Description |
|---|---|
| Admin | Can manage organization settings, members, invitations, and billing |
| Member | Can access organization resources but cannot change settings or manage members |
Custom Roles
Applications will be able to define custom organization roles to match their specific needs. For example, a project management tool might define roles like project_manager, developer, and viewer.
Custom roles are defined at the application level and are available to all organizations within that application.
Permissions
Organization roles will use a permission system with the following planned permissions:
| Permission | Description |
|---|---|
org:manage | Manage organization settings (name, logo, etc.) |
org:delete | Delete the organization |
org:members:read | View the member list |
org:members:write | Invite, update, and remove members |
org:roles:read | View available roles |
org:roles:write | Create and modify custom roles |
org:billing:read | View billing information |
org:billing:write | Manage billing settings |
Role Assignment
- When a user creates an organization, they are assigned the admin role.
- When a user accepts an invitation, they receive the role specified in the invitation.
- Organization admins can change a member's role at any time.