Home
Documentation
Help Center

RBAC Permission and Roles

Available roles and permissions in Coalesce

Suggest Edits
Preview

This feature is currently available in a private preview and may not be accessible to all customers.


Table Key

  • Read(R) - A user can view the data, but not create or update the data.
  • Write (W) - A user can create something new or modify existing information. This includes, creating, updating, and deleting.

Organization Level Roles

RolePermissions SummaryRecommended For
Organization Administrator
  • The creator of the Coalesce App is automatically assigned as organization administrator.
  • Only organization administrators can add other users, including other organization administrators.
  • They have full access to all functionality in Coalesce.
Full administrative control
Organization Contributor
  • They can’t add new users to the organization.
  • They have access to read documentation, create API tokens, user settings, and Git account information.
  • They will be able to set up a project, configure Git, add members to projects, and oversee work.
  • Only have access to the projects created by them. If there are multiple organization contributors, they will need to share access with the organization contributor.
Managers who decide how each person will contribute to a project.
Organization Member
  • This is the default role.
  • They can edit Git account information, create API tokens, and read documentation.
Default Role

Organization Roles Permissions

Permissions Org Admin Org Contributor Org Member
Organization Settings
Users W
SSO W
Preferences W
User Settings
Git Account W W W
Support Information W W W
Account Security W W W
Project Management
Create New Project W W
Documentation
Org Level Documentation R R R
Project Management
List Projects R
Delete Project W
Configure Git Account W
Project Settings
Project Details W
Git Repository W
Members W
Build Settings
Storage Locations W
Workspace Settings W
Create a new Environment W
Macros W
Custom Node Types W
Packages W
Build Interface Sidebar
Add Source W
Nodes W
Subgraphs W
Jobs W
Problem Scanner W
Git Settings W
Workspace Setttings
Workspace W
User Credentials W
Storage Mapping W
Parameters W
OAuth Settings W
Duplicate Settings W
Copy workspace objects W
Documentation
Workspace Documentation R
Deploy Interface
Generate Access Token W W W
Deploy W
Cancel Run W
View Run R
View Run History - Deploy/Refresh R
Environment Settings
Settings W
User Credentials W
Parameters W
OAuth Settings W
Members W
Documentation
Environment Level Documentation R
API/CLI - Environments
GET All Environments R
GET a Environment R
API/CLI - Nodes
GET a Node R
GET All Nodes R
API/CLI - Jobs
POST Start Job W
GET Job Status R
POST Job Refresh W
POST Cancel Job W
API/CLI - Runs (and rerun)
GET a Run R
GET All Runs R
GET Run Results R

Project Level Roles

RolePermissions SummaryRecommended For
Project Administrator
  • This role can manage projects, but not create them.
  • An organization administrator can or organization contributor can create projects.
  • The role has access to projects, deployments, and environments.
Team manager or senior team member to manage projects.
Project Architect
  • This role can manage certain project information, build nodes, and generate API tokens.
  • Assign this role to a data architect so they build the needed node types, set storage locations, and create macros.
Senior data architects.
Project Contributor
  • A project contributor can’t edit or create custom nodes or macros.
  • They read only access to certain project settings.
  • They have read access to UDNs, Macros, and Packages.
Junior data architects who don't need full write access to the project.
Project MemberProject Members can only access a list of projects. This is so they can be given access to an Environment within a project.Use this to grant Environment permissions. The user will still need to be added to the Environment.

Project Roles Permissions

  • Project roles have no Organization permissions.
Permissions Project Admin Project Architect Project Contributor Project Member
Organization Settings
Users
SSO
Preferences
User Settings
Git Account
Support Information
Account Security
Project Management
Create New Project
Documentation
Org Level Documentation
Project Management
List Projects R R R R
Delete Project W
Configure Git Account W W W
Project Settings
Project Details W R R
Git Repository W R R
Members W R R
Build Settings
Storage Locations W W W
Workspace Settings W W W
Create a new Environment W
Macros W W R
Custom Node Types W W R
Packages W W R
Build Interface Sidebar
Add Source W W W
Nodes W W W
Subgraphs W W W
Jobs W W W
Problem Scanner W W W
Git Settings W W W
Workspace Setttings
Workspace W W W
User Credentials W W W
Storage Mapping W W W
Parameters W W W
OAuth Settings W W W
Duplicate Settings W W W
Copy workspace objects W W W
Documentation
Workspace Documentation R R R
Deploy Interface
Generate Access Token W W W
Deploy W
Cancel Run W
View Run R
View Run History - Deploy/Refresh R
Environment Settings
Settings W
User Credentials W
Parameters W
OAuth Settings W
Members W
Documentation
Environment Level Documentation R R R
API/CLI - Environments
GET All Environments R
GET a Environment R
API/CLI - Nodes
GET a Node R
GET All Nodes R
API/CLI - Jobs
POST Start Job W
GET Job Status R
POST Job Refresh W
POST Cancel Job W
API/CLI - Runs (and rerun)
GET a Run R
GET All Runs R
GET Run Results R

Environment Level Roles

RolePermissions SummaryRecommended For
Environment AdminThis role manages environment settings, reads project documentation and deploy either through the API, CLI, or Coalesce App.Data platform engineer or operations who would approve deployments and schedule jobs.
Environment Reader
  • This role only has access to the documentation for the environment they are added to.
  • They have access to certain API functions to get deployment information.
Business analyst or data analyst.

Environment Roles Permissions

  • Environment roles have no organization permissions.
  • Environment roles have access to view a list of projects only.
Permissions Environment Admin Environment Reader
Organization Settings
Users
SSO
Preferences
User Settings
Git Account
Support Information
Account Security
Project Management
Create New Project
Documentation
Org Level Documentation
Project Management
List Projects
Delete Project
Configure Git Account
Project Settings
Project Details
Git Repository
Members
Build Settings
Storage Locations
Workspace Settings
Create a new Environment
Macros
Custom Node Types
Packages
Build Interface Sidebar
Add Source
Nodes
Subgraphs
Jobs
Problem Scanner
Git Settings
Workspace Setttings
Workspace
User Credentials
Storage Mapping
Parameters
OAuth Settings
Duplicate Settings
Copy workspace objects
Documentation
Workspace Documentation
Deploy Interface
Generate Access Token W W
Deploy W
Cancel Run W
View Run R R
View Run History - Deploy/Refresh R R
Environment Settings
Settings W
User Credentials W
Parameters W R
OAuth Settings W
Members W R
Documentation
Environment Level Documentation R R
API/CLI - Environments
GET All Environments R R
GET a Environment R R
API/CLI - Nodes
GET a Node R R
GET All Nodes R R
API/CLI - Jobs
POST Start Job W
GET Job Status R R
POST Job Refresh W
POST Cancel Job W
API/CLI - Runs (and rerun)
GET a Run R R
GET All Runs R R
GET Run Results R R

Updated about 2 months ago