User management and RBAC
Adding new users to your OrgCopy
This action can also be carried out using the Invite user to organization workspace endpoint:
Go to Settings > People > Invite people:
Make sure you have your new member's email address and use a ,
to separate multiple invites if there is more than one.
Notice that their access level will depend on the box you enter them in (Contributor vs Viewer):
Adding users to workspacesCopy
This action can also be carried out using the Add user to workspace endpoint:
In order to invite pre-existing users to a workspace, make sure you are in the correct workspace and click on 'Workspace settings' and 'People in workspace'
Use the search bar to find someone within your organization you want to add. Click Add people to add them to the workspace:
Assigning roles to usersCopy
This action can also be carried out using the Update user role endpoint.
When adding users to workspaces they will inherit their roles from the Organization workspace:
Once added to a workspace you can edit the roles of individual users (with the exception of Org owners and admins):
Deleting usersCopy
You can delete users from a workspace with the Remove user from workspace endpoint.
You can delete users from an entire organization with the Delete user endpoint.
Users can be deleted from a workspace via the 'People & Settings' section of the dashboard.
When a user is deleted on your end, that user's assets are still available for 30 days.
During this period, the workflows and authentications owned by the deleted user will continue to function and are still viewable and usable by admins and the owner.
You can access these workflows from the 'People' section of the dashboard.
Personal authentications and personal workflows owned by this user will be non-functional and unrecoverable after the 30-day period
Any auths or workflows on the organization level will still be available.
One thing to note is if the third-party account associated with an auth was also owned by the deleted user, the auth will fail when that third-party account becomes deprecated.
Before the 30 days elapse, we advise that your team replace the deleted user's personal authentications on any enabled workflow. You will need to replace those authentications with an equivalent authentication that exists either on (a) the organization level or (b) lives in another active user's personal account.
You also should move any of the deleted user's personal workflows that you want to keep to an organization or shared workspace.
If a user has custom services in their account, it may not be possible to delete that user. You should move the services to another account.
For example, if you have several trial accounts and want to add that user to the main one you plan to use, you should contact support. Deleting users from another account for this purpose can cause issues.
Role-Based Access Control (RBAC)Copy
Available user roles in TrayCopy
Role | Description |
---|---|
Owner | The owner of the Organization account - one per organization |
Admin | Has the most privilege on all assets |
Contributor | Has enough privileges to contribute to projects by creating workflows, services and authentications |
View Only | Can only view certain assets |
Settings managementCopy
Available org settings in TrayCopy
Setting | Details |
People | Add / Edit / Delete users and their auths |
Workspaces | Add / Edit / Delete people in workspaces |
General | Basic workspace details - including name and task limits |
Usage / billing | Reporting on task usage and billing |
Insights | Analytics for troubleshooting problem workflows |
Tokens* | Create tokens for API access |
Embedded settings** | Specify Embedded ID etc. |
Customization** | Specify custom CSS for the Config Wizard |
* If you are a non-Embedded customer and require tokens for API access, please contact support
** Embedded only
Org settings RBAC matrix
Copy
* Can only view workspaces that the user belongs to
Asset managementCopy
Available assets in TrayCopy
Asset |
---|
Workflows |
Projects |
Solutions** |
Custom services |
Authentications |
Logs |
** Embedded only
Assets RBAC matrixCopy
Role | Assets | ||
---|---|---|---|
Manage Projects/Workflows/Solutions | Manage Services | Manage Authentications | |
Owner | CRUD | CRUD | CRUD |
Admin | CRUD | CRUD | CRUD |
Contributor | CRUD* | CRUD* | CRUD* |
Viewer | R* | -- | R* |
* Can only view workspaces that the user belongs to
Logs RBAC matrixCopy
Role | Read Logs | Replay executions |
---|---|---|
Owner | R | U |
Admin | R | U |
Contributor | R | U |
View Only | R | -- |