Roles
Every user has exactly one role.- Admin
- Member
Admins have unrestricted access to the entire platform, including:
- User Hub — manage all users, roles, and permissions
- Provider Hub — configure API keys and custom LLM endpoints
- Billing — manage subscription, seats, and payment methods
- Settings — MFA enforcement, App Hub, Team Hub
- All chat and workspace features — no restrictions
Permission Flags
Permission flags give Admins fine-grained control over what each Member can access. These flags have no effect on Admin users since Admins always have full access.| Flag | Controls Access To | Default |
|---|---|---|
can_access_automation_hub | Automation Hub — view, create, and manage automation workflows | Off |
can_view_knowledge_hub | Knowledge Hub — browse company knowledge, search documents | Off |
can_contribute_company_knowledge | Upload documents and add content to the company knowledge base | Off |
can_delete_knowledge_entities | Remove documents and entities from the Knowledge Hub | Off |
Permission flags are independent of each other. For example, a user can have
can_view_knowledge_hub enabled without can_contribute_company_knowledge — they can browse but not add content.Common Permission Configurations
Here are typical setups for different team roles:Changing Permissions
Toggle permission flags
Enable or disable individual permission flags using the toggle switches in the permissions section.