Skip to Content
AdministrationSecurityRoles & Permissions

Roles & Permissions

Role-based access control for your organization.

Advanced RBAC features require a Business plan or higher.

Organization Roles

Owner

Full control over the organization:

  • All admin permissions
  • Manage billing and subscription
  • Delete organization
  • Transfer ownership

Only one owner per organization.

Admin

Manage organization settings and members:

  • Invite and remove members
  • Manage teams
  • Configure security settings
  • View audit logs
  • Access analytics

Cannot:

  • Delete organization
  • Manage billing

Member

Standard organization access:

  • Create and manage own documents
  • Share documents with organization
  • Join teams
  • Use all features per plan

Viewer

Read-only access:

  • View shared documents
  • Add comments (if enabled)
  • Cannot edit or create documents

Resource Permissions

Documents

PermissionOwnerAdminMemberViewer
View
Edit-
DeleteOwn-
Share-

Teams

PermissionOwnerAdminMemberViewer
Create--
ManageOwn-
Delete--
Join

Organization Settings

PermissionOwnerAdminMemberViewer
View settings--
Edit settings--
Billing---
Delete org---

Changing Roles

Promote/Demote Members

  1. Go to OrganizationMembers
  2. Find the member
  3. Click role dropdown
  4. Select new role
  5. Confirm change

Role changes take effect immediately. The user may need to refresh their session.

Transfer Ownership

  1. Go to OrganizationSettings
  2. Click Transfer Ownership
  3. Select new owner
  4. Confirm transfer
  5. You become an Admin

Feature-Based Permissions

Some features have plan-based access:

FeatureFreeProBusinessEnterprise
SAML SSO--
SCIM---
BYOB---
API Access--

Best Practices

  • Limit number of owners (ideally 1-2)
  • Use Admin role sparingly
  • Assign Member for most users
  • Use Viewer for external collaborators
  • Review permissions regularly

Next Steps

Last updated on
SCIM ProvisioningStorage (BYOB)