Skip to content

Roles and Permissions

The platform has 2 roles for organization members.

Roles

Role Purpose
Admin Administrator — full control over the organization: settings, team, DataSources, integrations, billing
User Regular member — works with findings and reports

Permission matrix

Capability Admin User
View dashboard and findings
Change finding status (acknowledge, resolve, false positive)
Add comments to findings
Create reports
Export reports
Manage DataSources
Connect detection services and paste API keys
Configure scan schedules
Configure notifications and webhooks
Invite new users
Change user roles
Remove users from the organization
View Audit log
Change organization name and settings
Billing and subscription
Delete organization

How to change a role

  1. Settings → Members.
  2. Find the user → click on their current role.
  3. Pick the new one.
  4. Save.

The action is logged in the Audit log.

Best practices

  • Principle of least privilege — give Admin only to people who actually need control over settings.
  • Admin — security lead, IT lead (usually 2-3 people per organization).
  • User — the rest of the team working with findings.

The first user

Whoever creates the organization automatically gets the Admin role. They can invite others and assign their role.

If the only Admin leaves the company — before removal someone else must be promoted to Admin (otherwise the organization is left without management). If this already happened — support@bytecode.team.