API Reference Permissions for v2
Organizations
All members of an organization are assigned a role that governs the permissions they have to modify the organization. There are four role types in an organization:
- Owner
- Admin
- User
- Guest
Owner
The owner of the organization can add, delete and modify users and update organizational settings. They also have the same functionality as a user of the organization. The owner cannot be removed from the account, and they will always be an administrator for the account. Only the owner of the account can modify organization settings.
Admin
Admins have the same capabilities as the owner, except they cannot access the Organization Settings tab. The owner and other admins can make any organization member an administrator by opening the user’s settings and checking the option for the administrator.
User
A User in an organization can view any public workspace shared with the organization, and private workspace they own or have been invited to, and they can create new workspaces. They can also invite collaborators into workspaces they own or to which they have “share” access.
Guest
Guest members in an organization can only see the workspaces they have been invited to; they cannot see any public workspaces in the organization. In the workspaces that they have been invited to, they have the same abilities as a regular user.
| Access public workspaces | Create workspaces | Invite guests to workspaces | Add, delete, modify users | Approve guest invitations | Access to organizational settings | |
|---|---|---|---|---|---|---|
| Owner | Yes | Yes | Yes | Yes | Yes | Yes |
| Admin | Yes | Yes | Yes | Yes | Yes | No |
| Member | Yes | Yes | Yes | No | No | No |
| Visitor | No, must be invited | No | No | No | No | No |
Additional Notes
- Bluescape users can be a User, Admin, or Owner in one organization and a Guest User in other organizations.
- In the context of an SSO organization, only Users authorized in the company’s Identity Provider (IdP) will be allowed access – for example, if an Admin adds a User who is not authorized in the IdP, they will receive an error when they try to log in.
Workspaces
When users are invited to collaborate on a workspace, the permissions they have to modify content and invite other users to the workspace are governed by the workspace role they are assigned. There are three role types in a workspace - Viewer, Editor, and Editor+.
Viewer: This limits collaborators to only being able to view, interact, and download assets within the workspace. They cannot move, add, or delete assets nor can draw or erase. They cannot invite collaborators into the workspace.
Editor: This allows users to fully collaborate within the space with no restrictions on adding, removing, or manipulating the workspace. They cannot invite collaborators into the workspace.
Editor+: This allows users to fully collaborate within the space with no restrictions on adding, removing, or manipulating the workspace. They can invite collaborators into the workspace.
Where to Next?
Not what you were looking for? Reply below or Search the community and discover more Bluescape.