Roles and Permissions¶
The platform has 2 roles for organization members.
Roles¶
| Role | Purpose |
|---|---|
| Admin | Administrator — full control over the organization: settings, team, DataSources, integrations, billing |
| User | Regular member — works with findings and reports |
Permission matrix¶
| Capability | Admin | User |
|---|---|---|
| View dashboard and findings | ✅ | ✅ |
| Change finding status (acknowledge, resolve, false positive) | ✅ | ✅ |
| Add comments to findings | ✅ | ✅ |
| Create reports | ✅ | ✅ |
| Export reports | ✅ | ✅ |
| Manage DataSources | ✅ | ❌ |
| Connect detection services and paste API keys | ✅ | ❌ |
| Configure scan schedules | ✅ | ❌ |
| Configure notifications and webhooks | ✅ | ❌ |
| Invite new users | ✅ | ❌ |
| Change user roles | ✅ | ❌ |
| Remove users from the organization | ✅ | ❌ |
| View Audit log | ✅ | ❌ |
| Change organization name and settings | ✅ | ❌ |
| Billing and subscription | ✅ | ❌ |
| Delete organization | ✅ | ❌ |
How to change a role¶
- Settings → Members.
- Find the user → click on their current role.
- Pick the new one.
- Save.
The action is logged in the Audit log.
Best practices¶
- Principle of least privilege — give Admin only to people who actually need control over settings.
- Admin — security lead, IT lead (usually 2-3 people per organization).
- User — the rest of the team working with findings.
The first user¶
Whoever creates the organization automatically gets the Admin role. They can invite others and assign their role.
If the only Admin leaves the company — before removal someone else must be promoted to Admin (otherwise the organization is left without management). If this already happened — support@bytecode.team.