User management and RBAC

Inviting users to your organisation

Go to Settings > People > Invite people. Users can be invited as Contributors or Viewers. To grant Admin access, promote the user after they've accepted the invite.

This can also be done via the Invite user to organization workspace API endpoint.

Adding users to workspaces

Workspaces are used to divide your organisation into sub-sections, such as by department or environment (e.g. dev, prod). See Tray org setup for more details.

To add existing users to a workspace, go to Workspace settings > People in workspace and search for the user.

This can also be done via the Add user to workspace API endpoint.

Assigning roles to users

When added to a workspace, users inherit their role from the organisation. You can then edit individual user roles within the workspace, with the exception of Org Owners and Admins.

This can also be done via the Update user role API endpoint.

Deleting users

To delete a user, go to Settings > People and select the user.

When a user is deleted, any assets in their Personal Workspace (workflows, authentications and services) are preserved and transferred to a new shared workspace in their name. The user or API user who performed the deletion is added to that workspace; other admins can add themselves if needed.

This can also be done via the Delete user API endpoint. To remove a user from a workspace only, use the Remove user from workspace endpoint.

Role-Based Access Control (RBAC)

Asset management

Assets include workflows, projects, solutions*, custom services, authentications and logs.

* Solutions are Embedded only

RBAC matrix

* Within workspaces the user belongs to