The following tables provide information on the rights and privileges granted to Qwiet users based on their assigned roles. The first major section covers organization-related roles, while the second covers team-related roles.
For more information about organization-related vs. team-related roles, see RBAC.
Organization roles
Administrative control and subscriptions
| Owner | Super admin | Power user | Member | Guest |
|---|
| Change org owner | ✅ | | | | |
|---|
| Assign super admin role | ✅ | | | | |
|---|
| Delete an org | ✅ | | | | |
|---|
| Claim and use Ocular license | ✅ | ✅ | ✅ | ✅ | ✅ |
|---|
| Manage Ocular licenses | ✅ | ✅ | | | |
|---|
| Upgrade Qwiet subscription | ✅ | ✅ | | | |
|---|
Organization management
| Owner | Super admin | Power user | Member | Guest |
|---|
| Get basic info about the org | ✅ | ✅ | ✅ | ✅ | ✅ |
|---|
| Update org info | ✅ | ✅ | | | |
|---|
| Get org configuration | ✅ | ✅ | | | |
|---|
| Update org configuration | ✅ | ✅ | | | |
|---|
| Manage SAML config | ✅ | ✅ | | | |
|---|
| Get list of org's integration tokens | ✅ | ✅ | | | |
|---|
| Create an integration token | ✅ | ✅ | | | |
|---|
| Delete integration tokens | ✅ | ✅ | | | |
|---|
Team and user management
| Owner | Super Admin | Power User | Member | Guest |
|---|
| List org users | ✅ | ✅ | ✅ | ✅ | |
|---|
| List teams in the org | ✅ | ✅ | ✅ | | |
|---|
| Get info about teams | ✅ | ✅ | ✅ | | |
|---|
| Create invite to add users to the org | ✅ | ✅ | | | |
|---|
| See pending invites | ✅ | ✅ | | | |
|---|
| Delete pending invites | ✅ | ✅ | | | |
|---|
| Update teams (modify which users and apps are affiliated with a team) | ✅ | ✅ | | | |
|---|
| Update users' roles | ✅ | ✅ | | | |
|---|
| Delete a team (does not delete the users or apps) | ✅ | ✅ | | | |
|---|
| Delete users | ✅ | ✅ | | | |
|---|
App management
| Owner | Super admin | Power user | Member | Guest |
|---|
| List org apps | ✅ | ✅ | ✅ | ✅ | ✅ |
|---|
| Create (add) a new app via the Qwiet CLI | ✅ | ✅ | ✅ | | |
|---|
| Add an app via GitHub integration | ✅ | ✅ | ✅ | | |
|---|
| Delete an app | ✅ | ✅ | ✅ | | |
|---|
| Update app configuration (e.g., VCS settings, policies) | ✅ | ✅ | ✅ | | |
|---|
| Update custom policies | ✅ | ✅ | | | |
|---|
| Owner | Super admin | Power user | Member | Guest |
|---|
| Read/write comments on findings | ✅ | ✅ | ✅ | ✅ | ✅ |
|---|
| Read results from analysis | ✅ | ✅ | ✅ | ✅ | ✅ |
|---|
| Update findings metadata | ✅ | ✅ | ✅ | ✅ | |
|---|
| Submit an app for analysis | ✅ | ✅ | ✅ | | |
|---|
Team roles
Team and user management
| Team admin | Team manager | Team member | Team guest |
|---|
| List users that belong to the org | ✅ | ✅ | ✅ | |
|---|
| List own teams | ✅ | ✅ | | |
|---|
| Get info about own teams | ✅ | ✅ | | |
|---|
| Update team members | ✅ | ✅ | | |
|---|
App management
| Team admin | Team manager | Team member | Team guest |
|---|
| Add an app | ✅ | ✅ | | |
|---|
| Delete an app | ✅ | | | |
|---|
| Update app configuration (e.g., VCS settings, policies) | ✅ | ✅ | | |
|---|
| List org apps | | | | |
|---|
| Create (add) a new app via the Qwiet CLI | | | | |
|---|
| Add an app via GitHub integration | | | | |
|---|
| Team admin | Team manager | Team member | Team guest |
|---|
| Read results from analysis | ✅ | ✅ | ✅ | ✅ |
|---|
| Read/write comments on findings | ✅ | ✅ | ✅ | ✅ |
|---|
| Update findings metadata | ✅ | ✅ | ✅ | |
|---|
| Submit an app for analysis | ✅ | ✅ | | |
|---|