Roles & Permissions
Every API key has a role that determines what it can do within a project.
- owner — full control, can delete the project. Assigned during bootstrap or project creation. Cannot be changed.
- admin — can manage team and keys, but cannot delete the project.
- member — can create and delete snapshots and files. Cannot manage team or keys.
- viewer — read-only access to all resources.
Permission matrix
Section titled “Permission matrix”| Action | owner | admin | member | viewer |
|---|---|---|---|---|
| Create snapshot | Yes | Yes | Yes | No |
| List/get snapshots | Yes | Yes | Yes | Yes |
| Delete snapshot | Yes | Yes | Yes | No |
| Compare snapshots | Yes | Yes | Yes | Yes |
| Upload file | Yes | Yes | Yes | No |
| List/download files | Yes | Yes | Yes | Yes |
| Delete file | Yes | Yes | Yes | No |
| Create API key | Yes | Yes | No | No |
| Revoke API key | Yes | Yes | No | No |
| Update project | Yes | Yes | No | No |
| Delete project | Yes | No | No | No |
| List members | Yes | Yes | Yes | Yes |
| Invite member | Yes | Yes | No | No |
| Update member role | Yes | Yes | No | No |
| Remove member | Yes | Yes | No | No |
| Create webhook | Yes | Yes | No | No |
| Update/delete webhook | Yes | Yes | No | No |
| View usage | Yes | Yes | Yes | Yes |
Role assignment
Section titled “Role assignment”- Bootstrap assigns
ownerautomatically - Create API key / Invite member lets you specify
admin,member, orviewer(defaults tomember) - Admins cannot promote anyone to
owneror demote the project owner