Skip to content
Spacelift Flows

Managing Permissions

In Flows, there are two levels of permissions:

  • On the organization level, a user may be either a regular user or an organization admin.
  • Additionally, users may be added to projects with specific roles, which determine what they can do within that project.

Project Roles

Section titled “Project Roles”

Flows supports four roles on the project level:

  • Consumer - may use Flow http endpoints, MCP servers, and (soon) forms. The primary project access path for these users is through the Service Catalog.
  • Viewer - may view everything inside the project, including details of Flows, and events or logs inside those Flows.
  • Editor - may create and modify Flows and installations inside the project.
  • Admin - may manage project settings, including adding/removing users and changing their roles. They can also manage custom apps and secrets.

Assigning Roles

Section titled “Assigning Roles”

In order to assign a role to a user, click “Membership” in the left sidebar with the project active. Then click the “Add members” button in the top right. You can pick users and teams there and assign them one of the four roles.