Roles
A role is the single switch that decides what each person can do in your workspace, from read-only viewing to full administration.
Permissions matrix
What each role can do, at a glance. Every workspace also has an Owner (the person who created it) with the same full capabilities as an Admin.
| Action | Viewer | Contributor | Admin |
|---|---|---|---|
| View Dimensions | ✓ | ✓ | ✓ |
| Add / edit Dimension values | – | ✓ | ✓ |
| Create / delete Dimensions | – | – | ✓ |
| Manage Workbooks | – | ✓ | ✓ |
| View scenarios | ✓ | ✓ | ✓ |
| Invite / manage users | – | – | ✓ |
| Manage groups and roles | – | – | ✓ |
| Workspace settings | – | – | ✓ |
Role descriptions
Viewer
Viewers have read-only access. They can browse Dimensions and view data, including read-only scenarios, but cannot change anything. This role works well for stakeholders who need visibility without edit rights.
Contributor
Contributors can view and edit Dimension values, manage their own Workbooks, and work with existing Dimensions day to day. Dimensions and scenarios are read-only to them. They cannot create or delete Dimensions, manage users, or change workspace settings.
Contributor is the default role assigned to new invitations when no role is specified.
Admin
Admins have full control over the workspace. They can create and delete Dimensions, invite and manage users, configure groups and roles, and update workspace settings. Every workspace needs at least one Admin.
Assigning a role
You can set a user’s role in two places:
- At invite time. When you invite someone from Settings > Users > Invite, select the role before sending the invitation.
- After the fact. Open Settings > Users, find the user in the table, click their current role badge, and select a new one. The change takes effect immediately.
See Users for the full invite and management flow.
Things to keep in mind
You cannot remove the Admin role from the last remaining Admin. Promote another user to Admin first.
- A user can hold only one role at a time. Changing their role replaces the previous one.
- Role changes apply workspace-wide. There is no per-Dimension role override.
- To control which rows a user’s actions apply to, use Scope groups. Roles decide what a user can do; scope groups decide which data they can do it to.