Built-in roles
Admin
Full access to workspace settings, billing, all projects, and member management. Assign sparingly.
Member
Can create projects, manage content, and invite collaborators within their projects. Cannot access billing or workspace settings.
Viewer
Read-only access to projects they are explicitly added to. Cannot create, edit, or delete content.
Custom roles
Custom roles let you define precise permission sets for teams with non-standard access needs. Each custom role is built by selecting from a list of granular permissions. To create a custom role:- Go to Settings → Roles → New role.
- Give the role a name and optional description.
- Toggle individual permissions on or off.
- Save and assign to members.
Custom roles are available on Business and Enterprise plans. Workspace Admins can create and manage up to 20 custom roles.
Common custom role patterns
| Role | Permissions |
|---|---|
| Data analyst | Read access to analytics dashboards and reports, no access to settings or user management. |
| Integration manager | Full access to integrations and connectors, read-only access to projects. |
| Billing contact | Access to billing settings only, no access to workspace data. |
Per-project overrides
A member’s workspace-level role can be overridden for specific projects. Project-level roles take full precedence within that project. To assign a per-project role:- Open the project and go to Settings → Members.
- Find the member and select a role from the dropdown.
- Save changes.