Roles & Permissions
AccelOS uses role-based access control (RBAC) to manage what users can do within the platform. This guide explains the available roles and their permissions.Role Hierarchy
AccelOS has two roles:| Role | Description |
|---|---|
| Admin | Full administrative access to manage users, integrations, and settings |
| Member | Standard access to use the platform for investigations |
Permission Details
Member
Members can:- Start and conduct investigations
- Query connected integrations
- Read and search the knowledge base
- Create and edit their own documents
- View their investigation history
- Manage other users
- Add or modify integrations
- Access admin settings
- Delete other users’ content
Admin
Admins have all Member permissions, plus:- User Management: Invite, remove, and manage team members
- Integration Management: Add, edit, and remove integrations
- Knowledge Base Admin: Edit or delete any document
- Settings Access: Configure organization settings
- Billing: Manage subscription and payment
Managing Users
Inviting Users (Admin)
1
Navigate to Users
Go to Users from the Settings section in the sidebar.
2
Click Invite
Click the Invite User button.
3
Enter Details
Provide:
- Email address
- Role to assign (Member or Admin)
4
Send Invitation
Click Send Invite. The user will receive an email to join.
Changing User Roles (Admin)
1
Find the User
Go to Users and locate the user.
2
Edit Role
Click the role dropdown next to their name.
3
Select New Role
Choose the new role and confirm.
Removing Users (Admin)
1
Find the User
Go to Users and locate the user.
2
Remove
Click the menu icon and select Remove User.
3
Confirm
Confirm the removal. The user will immediately lose access.
Best Practices
Principle of Least Privilege
Principle of Least Privilege
Assign the minimum role needed for each user’s responsibilities:
- Most team members should be Members
- Only team leads or managers need Admin
Regular Access Reviews
Regular Access Reviews
Periodically review user access:
- Remove users who have left the team
- Verify role assignments are still appropriate
- Check for unused accounts
Multi-Tenant Architecture
AccelOS supports multiple organizations (tenants):- Each organization has its own users, integrations, and knowledge base
- Data is isolated between organizations
- Users can belong to multiple organizations
- Switch between organizations from the account menu
SSO Integration
For enterprise customers, AccelOS supports Single Sign-On:- OIDC/OAuth2: Connect to your identity provider
- Role Mapping: Map IdP groups to AccelOS roles
- Just-in-Time Provisioning: Automatically create users on first login
Audit Logging
All administrative actions are logged:- User invitations and removals
- Role changes
- Integration modifications
- Settings changes
FAQ
Can I have multiple Admins?
Can I have multiple Admins?
Yes, you can have multiple Admins. We recommend having at least 2 Admins for redundancy.
What happens when I remove a user?
What happens when I remove a user?
The user immediately loses access. Their investigation history is retained for audit purposes, but they can no longer access the platform.
Can Members create integrations?
Can Members create integrations?
No, only Admins can create, edit, or delete integrations. Members can only use existing integrations for investigations.