Roles & Permissions

Futurity uses role-based access control (RBAC) to manage what you can do within your organization.

Understanding RBAC

How It Works

Permissions define specific actions (e.g., “create workflows”)
Roles group permissions together (e.g., “Editor” role)
You are assigned roles
You can do what your role permits

Hierarchy

Organization Owner
    ↓
Administrators
    ↓
Custom Roles
    ↓
Members

Built-in Roles

Owner

The organization creator. Has all permissions and cannot be removed.

Full access to everything
Can transfer ownership
Cannot be suspended or removed

Administrator

Full administrative access:

Manage users and roles
Access all organization settings
View all content
Full feature access

Member

Standard user access:

Use Corint
Access Vault (owned and shared files)
Create and run workflows
View assigned dashboards

Viewer

Read-only access:

View shared content
Cannot create or edit
Cannot access sensitive settings

Permission Categories

Corint

Permission	Description
`corint:access`	Use Corint AI assistant
`corint:create_agents`	Create custom agents
`corint:manage_agents`	Edit/delete any agent

Vault

Permission	Description
`vault:access`	Access Vault feature
`vault:upload`	Upload files
`vault:share`	Share files with others
`vault:delete`	Delete files
`vault:manage`	Manage all organization files

Workflows

Permission	Description
`workflows:access`	View workflows
`workflows:create`	Create new workflows
`workflows:edit`	Edit existing workflows
`workflows:delete`	Delete workflows
`workflows:activate`	Turn workflows on/off
`workflows:manage`	Manage all organization workflows

Dashboards

Permission	Description
`dashboards:access`	View dashboards
`dashboards:create`	Create dashboards
`dashboards:edit`	Edit dashboards
`dashboards:delete`	Delete dashboards
`dashboards:manage`	Manage all organization dashboards

Integrations

Permission	Description
`integrations:access`	Use connected integrations
`integrations:manage`	Connect/disconnect integrations

Organization

Permission	Description
`org:view_settings`	View organization settings
`org:edit_settings`	Modify organization settings
`org:manage_users`	Add/remove users
`org:manage_roles`	Create/edit roles
`org:billing`	Access billing settings

Creating Custom Roles

Navigate to Role Editor

Go to Organization → Role Editor
Create New Role

Click + New Role
Name the Role

Give it a descriptive name (e.g., “Marketing Team”)
Select Permissions

Check the permissions this role should have
Save Role

Click Save

Example Custom Roles

Content Creator

corint:access
corint:create_agents
vault:access
vault:upload
vault:share

Workflow Administrator

workflows:access
workflows:create
workflows:edit
workflows:activate
workflows:manage

External Collaborator

vault:access (limited to shared folders)
dashboards:access

Managing Roles

Editing Roles

Go to Organization → Role Editor
Select the role to edit
Modify permissions
Click Save

Deleting Roles

Select the role
Click Delete
Assign affected users to a different role
Confirm deletion

Duplicating Roles

Create a new role based on an existing one:

Select the role to copy
Click Duplicate
Rename and modify as needed
Save the new role

Assigning Roles

Single User

Go to User Management
Click on the user
Click Edit Role
Select the new role
Save

Bulk Assignment

Select multiple users (checkbox)
Click Bulk Actions
Select Change Role
Choose the role
Apply

Permission Inheritance

Some permissions imply others:

manage permissions include view/edit/delete
org:manage_roles requires org:view_settings
Admin role bypasses most permission checks

Best Practices

Principle of least privilege: Give minimum necessary access
Use roles, not individual permissions: Easier to manage
Regular audits: Review who has what access
Document custom roles: Keep records of what each role is for
Test before deploying: Verify roles work as expected