Granular permissions for enterprise teams. Control who can access what with fine-grained RBAC policies.
Full control over the organization. Can manage users, billing, security settings, and all resources.
Can create and modify all workspaces, models, and data. Cannot manage team or access audit logs.
Can edit models and run scenarios in existing workspaces. Cannot create new workspaces or access raw data.
Read-only access to results and reports. Can view outputs but cannot modify anything or run code.
Define custom roles with any combination of permissions. Match your organization's structure exactly.
Apply permissions at the workspace, model, or data level. Segment access by project or team.
Sync roles from your identity provider. SAML and OIDC support for enterprise SSO.
Roles can inherit permissions from parent roles. Build hierarchies that scale with your org.