Role-based Access Control (RBAC)
Uffizzi provides role-based access to limit user privileges across your organization's account, projects and previews. The following list provides a summary Uffizzi RBAC roles and objects that may be restricted with RBAC.
Accounts are associated with a customer billing account, typically the customer's company or organization. Accounts are at the top of the RBAC hierarchy. Currently, users may belong to only one organization (Support for membership in multiple organizational accounts is coming soon. As a temporary workaround, a user can be a member of multiple accounts by using different email logins.)
Teams are Accounts associated with a group or organization. See Teams and Accounts for more details.
Members are individual users that are associated with an Account and have an assigned access role of Owner, Developer, or View Only. The Member who creates an Account is by default the Admin of that account. An account must always have at least one Admin.
If a Member's Organization has enabled SSO for their account, then a Member must utilize the SSO function to log in to their account. Admins are still able to login in via email/password to administer SSO configuration. See Single Sign-on for more details.
Owners can do all and see all within an Account. Owners can view and edit every Project and previews. This is the highest level of permission for an account. Uniquely, Owners control the RBAC, Team creation/deletion, adding Team Members, Projects, integrations, settings and billing. An Account must have at least one Owner.
Developers can view, create, and edit Projects. They cannot edit Account-level settings like Billing, SSO, Team Members or integrations. A Developer can create Projects and be invited to Projects.
View Only users can see every Project and Owner Settings but cannot edit anything within Uffizzi.