> ## Documentation Index > Fetch the complete documentation index at: https://docs.superblocks.com/llms.txt > Use this file to discover all available pages before exploring further. # Organization role permission reference > Full reference to permissions assignable to users with organization roles export const PermissionList = ({type}) => { const permissions = [{ "permission": "access_tokens:manage", "permission_label": "Manage org access tokens", "description": "Access to create, view, update, and delete org-wide access tokens.", "ref": { "title": "Manage access tokens", "url": "/administration/security/access-tokens" }, "resource": "Access tokens", "roles": ["Owner", "Admin"] }, { "permission": "access_tokens:read", "permission_label": "View org access tokens", "description": "Access to view org-wide access tokens. Can only view token metadata, not token values.", "ref": { "title": "Manage access tokens", "url": "/administration/security/access-tokens" }, "resource": "Access tokens", "roles": ["Owner", "Admin"] }, { "permission": "agents:manage", "permission_label": "Manage On-Premise Agents", "description": "Deploy and manage On-Premise Agents used to execute organization code.", "ref": { "title": "About On-Premise Agent", "url": "/on-premise-agent/overview" }, "resource": "Agents", "roles": ["Owner", "Admin"] }, { "permission": "agents:read", "permission_label": "View On-Premise Agents", "description": "View On-Premise Agents registered to execute organization code.", "ref": { "title": "About On-Premise Agent", "url": "/on-premise-agent/overview" }, "resource": "Agents", "roles": ["Owner", "Admin", "Developer"] }, { "permission": "apps:create", "permission_label": "Create Applications", "description": "Access to create new Application", "type": "development", "ref": { "title": "About Applications", "url": "/applications/overview" }, "resource": "Applications", "roles": ["Owner", "Admin", "Developer"] }, { "permission": "apps:update", "permission_label": "Edit applications", "description": "Edit application, including creating branch and commits.", "resource": "Applications", "roles": ["Owner", "Admin", "Admin", "Developer"], "resource_roles": [] }, { "permission": "apps:deploy", "permission_label": "Deploy app commits", "description": "Deploy a commit on the application's default branch to make it live for end-users.", "resource": "Applications", "roles": ["Owner", "Admin", "Admin", "Developer"], "resource_roles": [] }, { "permission": "apps:delete", "permission_label": "Delete applications", "resource": "Applications", "roles": ["Owner", "Admin", "Admin"], "resource_roles": [] }, { "permission": "apps:manage_visibility", "permission_label": "Make applications publicly visible", "resource": "Applications", "roles": ["Owner", "Admin", "Admin"], "resource_roles": [] }, { "permission": "apps:share", "permission_label": "Manage access to applications", "resource": "Applications", "roles": ["Owner", "Admin", "Admin"], "resource_roles": [] }, { "permission": "apps:preview", "permission_label": "View branch & commit previews applications", "resource": "Applications", "roles": ["Owner", "Admin", "Admin", "Developer"], "resource_roles": [] }, { "permission": "apps:view", "permission_label": "View live version of applications", "resource": "Applications", "roles": ["Owner", "Admin", "Admin", "Developer", "End-User"], "resource_roles": [] }, { "permission": "folders:manage", "permission_label": "Manage home page folders", "description": "Access to create, update, and delete folders users see on the Superblocks home page.", "resource": "Folders", "roles": ["Owner", "Admin", "Developer"] }, { "permission": "groups:manage", "permission_label": "Manage user groups", "description": "Access to create, view, update, and delete organization groups.", "ref": { "title": "Managing user groups", "url": "/administration/groups/managing-groups" }, "resource": "Groups", "roles": ["Owner", "Admin"] }, { "permission": "groups:read", "permission_label": "View user groups", "description": "Access to view organization groups.", "ref": { "title": "Managing user groups", "url": "/administration/groups/managing-groups" }, "resource": "Groups", "roles": ["Owner", "Admin", "Developer", "End-User"] }, { "permission": "groups.members:manage", "permission_label": "Manage group members", "description": "Access to add and remove members from user groups.", "ref": { "title": "Manage group members", "url": "/administration/groups/managing-groups#add-members-to-a-group" }, "resource": "Groups", "roles": ["Owner", "Admin"] }, { "permission": "groups.members:read", "permission_label": "View group members", "description": "Access to see which users are members of a group.", "ref": { "title": "Managing user groups", "url": "/administration/groups/managing-groups" }, "resource": "Groups", "roles": ["Owner", "Admin", "Developer", "End-User"] }, { "permission": "integrations:create", "permission_label": "Create Integration", "type": "development", "description": "Access to create new Integrations", "ref": { "title": "About Integrations", "url": "/integrations/overview" }, "resource": "Integrations", "roles": ["Owner", "Admin", "Developer"] }, { "permission": "integrations:update", "permission_label": "Update integration credentials/configurations", "resource": "Integrations", "roles": ["Owner", "Admin", "Admin"], "resource_roles": [] }, { "permission": "integrations:delete", "permission_label": "Delete integrations", "resource": "Integrations", "roles": ["Owner", "Admin", "Admin"], "resource_roles": [] }, { "permission": "integrations:share", "permission_label": "Manage access to integrations", "resource": "Integrations", "roles": ["Owner", "Admin", "Admin"], "resource_roles": [] }, { "permission": "integrations:build", "permission_label": "Use integrations in APIs", "resource": "Integrations", "roles": ["Owner", "Admin", "Admin"], "resource_roles": [] }, { "permission": "logs:read", "permission_label": "View organization audit logs", "description": "Access logs for the organization. Logs many contain agent, profile, repository, or user information not otherwise accessible by viewer.", "ref": { "title": "About Logs", "url": "/admin/audit-logs" }, "resource": "Logs", "roles": ["Owner", "Admin", "Developer"] }, { "permission": "logs.streams:manage", "permission_label": "Manage log streams", "description": "Access to add, update, and remove Observability integrations used to stream logs to 3rd party monitoring platforms.", "ref": { "title": "Streaming Logs to Observability vendor", "url": "/development-lifecycle/monitor/observability" }, "resource": "Logs", "roles": ["Owner", "Admin"] }, { "permission": "logs.streams:read", "permission_label": "View log streams", "description": "Access to view Observability integrations configured for the organization.", "ref": { "title": "Streaming Logs to Observability vendor", "url": "/development-lifecycle/monitor/observability" }, "resource": "Logs", "roles": ["Owner", "Admin"] }, { "permission": "org:manage", "permission_label": "Manage organization meta", "description": "Access to fully manage the organization, including the org's name, domains, plan, etc.", "resource": "Org", "roles": ["Owner"] }, { "permission": "org:read", "permission_label": "View organization meta", "description": "Read-only access to organization settings like org name, domains, etc.", "resource": "Org", "roles": ["Owner", "Admin", "Developer", "End-User"] }, { "permission": "org.users:manage", "permission_label": "Manage org members", "description": "Access to invite members to the organization, manage invites, and deactivate/reactivate member accounts.", "ref": { "title": "Managing members", "url": "/administration/members" }, "resource": "Org", "roles": ["Owner", "Admin"] }, { "permission": "org.users:read", "permission_label": "View org members", "description": "Access to view who is a member of the organization.", "ref": { "title": "Managing members", "url": "/administration/members" }, "resource": "Org", "roles": ["Owner", "Admin", "Developer", "End-User"] }, { "permission": "profiles:manage", "permission_label": "Manage profiles", "description": "Access to create, view, update, and delete data profiles for the organization.", "ref": { "title": "About Profiles", "url": "/development-lifecycle/build/profiles" }, "resource": "Profiles", "roles": ["Owner", "Admin"] }, { "permission": "profiles:read", "permission_label": "View profiles", "description": "Access to view the organization's data profiles.", "ref": { "title": "About Profiles", "url": "/development-lifecycle/build/profiles" }, "resource": "Profiles", "roles": ["Owner", "Admin", "Developer"] }, { "permission": "repos:manage", "permission_label": "Manage repositories", "description": "Access to create, view, update, and delete connection git repositories.", "ref": { "title": "Set up repositories", "url": "/development-lifecycle/source-control/setup/" }, "resource": "Repositories", "roles": ["Owner", "Admin", "Developer"] }, { "permission": "repos:read", "permission_label": "View repositories", "description": "Access to view connection git repositories.", "ref": { "title": "Set up repositories", "url": "/development-lifecycle/source-control/setup/" }, "resource": "Repositories", "roles": ["Owner", "Admin", "Developer"] }, { "permission": "roles:manage", "permission_label": "Manage roles & permissions", "description": "Access to create, view, update, and delete custom organization and resource roles. This permission does not let users assign custom roles.", "ref": { "title": "Manage roles & permissions", "url": "/administration/rbac" }, "resource": "Roles", "roles": ["Owner", "Admin"] }, { "permission": "roles:read", "permission_label": "View org roles & permissions", "description": "Access to view organization and resource roles.", "ref": { "title": "Manage roles & permissions", "url": "/administration/rbac" }, "resource": "Roles", "roles": ["Owner", "Admin", "Developer"] }, { "permission": "jobs:create", "permission_label": "Create Scheduled Jobs", "type": "development", "description": "Access to create new Scheduled Jobs", "ref": { "title": "About Scheduled Jobs", "url": "/scheduled-jobs/overview" }, "resource": "Scheduled Jobs", "roles": ["Owner", "Admin", "Developer"] }, { "permission": "jobs:update", "permission_label": "Edit Scheduled Jobs", "resource": "Scheduled Jobs", "roles": ["Owner", "Admin", "Admin", "Developer"], "resource_roles": [] }, { "permission": "jobs:deploy", "permission_label": "Deploy job commits", "resource": "Scheduled Jobs", "roles": ["Owner", "Admin", "Admin", "Developer"], "resource_roles": [] }, { "permission": "jobs:delete", "permission_label": "Delete Scheduled Jobs", "resource": "Scheduled Jobs", "roles": ["Owner", "Admin", "Admin"], "resource_roles": [] }, { "permission": "jobs:share", "permission_label": "Manage development access to Scheduled Jobs", "resource": "Scheduled Jobs", "roles": ["Owner", "Admin", "Admin"], "resource_roles": [] }, { "permission": "jobs:manage_schedule", "permission_label": "Manage cron schedule associated with Scheduled Jobs", "resource": "Scheduled Jobs", "roles": ["Owner", "Admin", "Admin", "Developer"], "resource_roles": [] }, { "permission": "jobs:run", "permission_label": "Start one time execution of Scheduled Jobs", "resource": "Scheduled Jobs", "roles": ["Owner", "Admin", "Admin", "Developer"], "resource_roles": [] }, { "permission": "secrets_stores:manage", "permission_label": "Manage secret stores", "description": "Access to create and manage organization secret stores.", "ref": { "title": "Using secret managers", "url": "/development-lifecycle/build/secrets-management" }, "resource": "Secret stores", "roles": ["Owner", "Admin"] }, { "permission": "workflows:create", "permission_label": "Create Workflows", "type": "development", "description": "Access to create new Workflows", "ref": { "title": "About Workflows", "url": "/workflows/overview" }, "resource": "Workflows", "roles": ["Owner", "Admin", "Developer"] }, { "permission": "workflows:update", "permission_label": "Edit Workflows", "resource": "Workflows", "roles": ["Owner", "Admin", "Admin", "Developer"], "resource_roles": [] }, { "permission": "workflows:deploy", "permission_label": "Deploy Workflow commits", "resource": "Workflows", "roles": ["Owner", "Admin", "Admin", "Developer"], "resource_roles": [] }, { "permission": "workflows:delete", "permission_label": "Delete Workflows", "resource": "Workflows", "roles": ["Owner", "Admin", "Admin"], "resource_roles": [] }, { "permission": "workflows:share", "permission_label": "Manage developer access to Workflows", "resource": "Workflows", "roles": ["Owner", "Admin", "Admin"], "resource_roles": [] }]; let filteredPermissions = permissions; if (type === 'governance') { filteredPermissions = permissions.filter(item => !item.resource_roles && item?.type !== 'development'); } else if (type === 'development') { filteredPermissions = permissions.filter(item => !item.resource_roles && item.type === 'development'); } else if (type === 'resources') { const resourceGroups = permissions.filter(item => !!item.resource_roles).reduce((acc, item) => { if (!acc[item.resource]) { acc[item.resource] = []; } acc[item.resource].push(item); return acc; }, {}); return <> {Object.entries(resourceGroups).map(([resource, perms]) =>

{resource}

{perms.map(item => )}
Permission Description
{item.permission} {item.description || item.permission_label}
)} ; } return {filteredPermissions.map(item => )}
Permission Description More info
{item.permission} {item.description || item.permission_label} {item.ref && {item.ref.title}}
; }; Organization-level roles control the Superblocks features members can access, the administrative actions they can perform, and the level of access users have to all current and future resources created in the org. ## Governance ## Development ## Resource-level access Custom organization roles can also be used to grant the following access to **all current and future resources** in the organization.