Skip to main content

Roles and permissions

Roles#

As a user of the GitGuardian dashboard, you can either be an Owner, a Manager, a Member, a Viewer, or a Restricted user.

Owner: The Owner of a workspace has a full access and all rights over the entire application. Each workspace must have one and only one Owner. When the Owner deletes their user account, it also deletes their workspace and members.

Manager: A Manager has the same level of access as the workspace Owner. A Manager can change GitGuardian workspace settings, invite new workspace members and act on secrets incidents. A Manager cannot change nor delete the workspace Owner.

Member: A Member can act on and remediate secrets incidents just like a Manager, but a Member has only view access to GitGuardian workspace settings.

Viewer: A Viewer has read-only access to incidents and settings.

Restricted: A Restricted user has read/write permissions on the incidents he is given access to (by a Manager or a Member).

Permissions#

FeatureOwnerManagerMemberViewerRestricted
Access all incidents (read-only)❌, only to incidents they are given access to
Export incidents into a CSV file✅, for incidents they are given access to
Act on incidents (assign, resolve, ignore)✅, for incidents they are given access to
See the list of workspace users and their role✅, read-only access
Create and delete API Keys✅, scope is limited to scan for gg-shield
Access to API usage and the list of API keys and their status✅, limited to self-owned API keys
Launch historical scans
Invite new users and manage pending invitations
Change user roles
Set up source code integrations and notifiers integrations
Set up SSO authentication
Delete workspace