User roles
Coder allows you to assign different roles to users, and each role comes with a
distinct set of privileges regarding what the user can access and which actions
they can perform.
There are four roles available:
| Role | Description |
| Site admin | Grants full access to the system.
Note that there can only be one site admin
per system |
| Site manager | Allows access to all administrative functionality in
addition to basic usage rights |
| Auditor | Offers auditing functionality |
| Member | Allows basic usage of Coder |
Additive permissions
The following tables detail what permissions Coder grants to each of the four
roles, but a summary of the roles are:
- All users are (or have the permissions of) a member
- An auditor has the permissions of a member, plus the ability to work with
audit logs
- A site manager has the permissions of a member or an auditor, plus
additional administrative rights
- A site admin has the permissions of a member, auditor, and site manager,
as well as additional admin rights (e.g., creating site managers, access to
API keys)
Site admin permissions
| Create | Read (all) | Read (own) | List | Update (all) | Update (own) | Delete (all) | Delete (own) |
|---|
| API keys | X | X | X | X | X | X | X | X |
| Audit logs | | X | | | | | | |
| Configuration | | X | | | X | | | |
| Dev URLs | X | | X | | | X | | X |
| Workspaces | X | X | | | X | | X | |
| Extensions | X | | | | | | X | |
| Images | X | X | | | X | | X | |
| Image tags | X | X | | | X | | X | |
| Metrics | | X | X | | | | | |
| OAuth | | X | | | X | | | |
| Org members | X | X | | X | X | | X | |
| Organizations | X | X | | X | X | | X | |
| Registries | X | X | | | X | | X | |
| System banners | X | X | | | X | | X | |
| Users | X | X | X | X | X | X | X | |
Site manager permissions
| Create | Read (all) | Read (own) | List | Update (all) | Update (own) | Delete (all) | Delete (own) |
|---|
| API keys | X | | X | | | X | | X |
| Audit logs | | X | | | | | | |
| Configuration | | X | | | X | | | |
| Dev URLs | X | | X | | | X | | X |
| Workspaces | X | X | | | X | | X | |
| Extensions | X | | | | | | X | |
| Images | X | X | | | X | | X | |
| Image tags | X | X | | | X | | X | |
| Metrics | | X | X | | | | | |
| OAuth | | X | | | X | | | |
| Org members | X | X | | X | X | | X | |
| Orgs | X | X | | X | X | | X | |
| Registries | X | X | | | X | | X | |
| System banners | X | X | | | X | | X | |
| Users | X | X | X | X | X | X | X | |
Auditor permissions
| Create | Read (all) | Read (own) | List | Update (all) | Update (own) | Delete (all) | Delete (own) |
|---|
| API keys | X | | X | | | X | | X |
| Audit logs | | X | | | | | | |
| Configuration | | X | | | | | | |
| Dev URLs | X | | | | | X | | X |
| Metrics | | | X | | | | | |
| Users | | | X | X | | X | | |
Member permissions
| Create | Read (all) | Read (own) | List | Update (all) | Update (own) | Delete (all) | Delete (own) |
|---|
| API keys | X | | X | | | X | | X |
| Configuration | | X | | | | | | |
| Dev URLs | X | | X | | | X | | X |
| Metrics | | | X | | | | | |
| Users | | | X | X | | X | | |
