Within your organization, it may be appropriate to limit which parts of Spreedly’s web applications each user can access. Role-based access control (RBAC) provides a mechanism to accomplish this. With RBAC, you can assign certain roles to users in your organization, in accordance with the functions they need to perform.
Spreedly offers four pre-configured roles: An Administrator role, which has full access to the organization, and three limited-access roles, detailed below. Each user must have at least one role, and users may have multiple roles. Roles are initially assigned when a user is added to your organization, and can be updated by an Administrator at any time. (Users who were part of your organization prior to the introduction of RBAC default to having the Administrator role.)
|Includes permissions of all other roles plus:
|Allows a User to create or modify environments and access secrets.
|Allows a user to log in to Chargify and modify the billing account. For someone in finance/accounting, this role would be sufficient. (Not available to Enterprise customers.)
|Allows a User to access Spreedly’s Dashboard. Users with the Analyst role will be able to see a list of environments on Spreedly’s Dashboard, regardless of their other roles. Perfect for a business analyst, for example.
Role-based access control applies only to interacting with Spreedly on the web — access to the Spreedly API is still controlled by separate API credentials. RBAC can be used to limit who can view and create new API credentials, but it cannot be used to limit or revoke existing credentials.
Visit Spreedly Docs for more information on RBAC.