> For the complete documentation index, see [llms.txt](https://docs.kognitos.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.kognitos.com/guides/administration/roles-and-permissons.md). # Roles & Permissions ## Overview Kognitos uses a **role-based access control (RBAC)** system to manage who can access your automations and what actions they can perform. Roles can be assigned at two levels: 1. **Organization**: Grants access and permissions across **all workspaces** in the organization 2. **Workspace**: Limits access and permissions to a **specific workspace** in the organization ## Organization-Level Roles Organization-level roles provide broad access across all workspaces in an organization. These roles are designed for administrators who need organization-wide visibility and control. ### 1. Org Admin Has full administrative access across the organization and all its workspaces. ## Workspace-Level Roles Workspace-level roles are scoped to individual workspaces. Users can have different roles across different workspaces based on their responsibilities in the automation workflow. ### 1. Workspace Admin Complete control within a workspace, including automations, exceptions, guides, and connections. ### 2. Automation Author Focused on developing and testing automations. Can create, edit, fork, restore, validate, publish, and invoke automations. ### 3. Automation Operator Focused on day-to-day execution. Can run and monitor automations, manage runs, resolve exceptions, view connections, manage API keys, and read guides, but cannot create or modify automations or manage schedules. ### 4. IT / Integrator Manages integrations, connections, and credentials. Has no access to automation logic or exceptions, ensuring clear separation between integration management and process execution. ## Permissions | Permission | Org Admin | Workspace Admin | Author | Operator | IT / Integrator | | ------------------------------------------- | --------- | --------------- | ------ | -------- | --------------- | | **Delete Organization** | ✅ | ❌ | ❌ | ❌ | ❌ | | **View Workspaces** (org-wide) | ✅ | ❌ | ❌ | ❌ | ❌ | | **Create Workspaces** | ✅ | ✅ | ❌ | ❌ | ❌ | | **Edit Workspace** | ✅ | ✅ | ❌ | ❌ | ❌ | | **Delete Workspace** | ✅ | ❌ | ❌ | ❌ | ❌ | | **Manage Org Preferences** | ✅ | ❌ | ❌ | ❌ | ✅ | | **Manage Users** (Add, Edit, Remove) | ✅ | ✅ | ❌ | ❌ | ❌ | | **View Connections** | ✅ | ✅ | ✅ | ✅ | ✅ | | **Manage Connections** (Add, Edit, Remove) | ✅ | ✅ | ✅ | ❌ | ✅ | | **Manage Books** (Add, Edit, Remove) | ✅ | ✅ | ❌ | ❌ | ✅ | | **View Automations** | ✅ | ✅ | ✅ | ✅ | ❌ | | **Create Automations** | ✅ | ✅ | ✅ | ❌ | ❌ | | **Edit Automations** | ✅ | ✅ | ✅ | ❌ | ❌ | | **Delete Automations** | ✅ | ✅ | ✅ | ❌ | ❌ | | **Fork Automations** | ✅ | ✅ | ✅ | ❌ | ❌ | | **Publish Automations** | ✅ | ✅ | ✅ | ❌ | ❌ | | **Invoke Automations** | ✅ | ✅ | ✅ | ✅ | ❌ | | **View Automation Aggregates** | ✅ | ✅ | ❌ | ❌ | ❌ | | **View Runs** | ✅ | ✅ | ✅ | ✅ | ❌ | | **Manage Runs** (Start, Control) | ✅ | ✅ | ✅ | ✅ | ❌ | | **Archive Runs** | ✅ | ✅ | ✅ | ✅ | ❌ | | **Manage Schedules** (Create, Edit, Delete) | ✅ | ✅ | ✅ | ❌ | ❌ | | **View Exceptions** | ✅ | ✅ | ✅ | ✅ | ❌ | | **Manage Exceptions** (Control, Resolve) | ✅ | ✅ | ✅ | ✅ | ❌ | | **View Guides** | ✅ | ✅ | ✅ | ✅ | ❌ | | **Manage Guides** (Create, Edit, Delete) | ✅ | ✅ | ✅ | ❌ | ❌ | | **View Platform Resources** (Read-Only) | ✅ | ✅ | ✅ | ✅ | ✅ | | **Manage Notification Preferences** | ✅ | ✅ | ✅ | ✅ | ✅ | | **Send Chat Messages** | ✅ | ✅ | ✅ | ✅ | ❌ | | **Manage API Keys** (Add, Edit, Revoke) | ✅ | ✅ | ✅ | ✅ | ✅ | --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.kognitos.com/guides/administration/roles-and-permissons.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.