Anyshift uses role-based access control (RBAC) with three roles: Organization Admin, Project Admin, and Member.
Role Overview
| Permission | Org Admin | Project Admin | Member |
|---|
| Use Annie chat | ✓ | ✓ | ✓ |
| View project data | ✓ | ✓ | ✓ |
| Manage integrations | ✓ | ✓ | ✗ |
| Invite/remove project members | ✓ | ✓ | ✗ |
| Manage project settings | ✓ | ✓ | ✗ |
| Create projects | ✓ | ✗ | ✗ |
| Manage org admins | ✓ | ✗ | ✗ |
| Configure MFA & SSO | ✓ | ✗ | ✗ |
| Access all projects automatically | ✓ | ✗ | ✗ |
Organization Admin
Organization admins have full control over the organization and all its projects. They are automatically a project admin on every project — no per-project assignment needed.
Org admins can:
- Create and delete projects
- Promote or demote other org admins
- Enforce MFA and configure SSO
- Manage members across all projects
An org admin cannot be removed from an individual project. To revoke their access, demote them at the organization level first.
Project Admin
Project admins have read/write access to a specific project. They manage day-to-day operations like connecting integrations and inviting team members.
Project admins can:
- Configure integrations for their project
- Invite and remove project members
- Promote members to project admin
Member
Members have read-only access to the projects they are assigned to. They can use Annie to chat and explore the knowledge graph but cannot change project settings or integrations.
How Role Assignment Works
- Org admins are assigned at the organization level and automatically have admin access to every project.
- Project admins and members are assigned per project by an org admin or project admin.
- A user can have different roles on different projects (e.g., admin on one, member on another).
