At some point you'll want to invite others to contribute, review or manage content, and if you're an agency or large enterprise, you'll want to enable advanced permissions such as schema editing and environments across the development team.
That's why at GraphCMS we have a set of default roles available for you to use, and even the ability to create your own custom roles for ultimate granularity within your use case.
The default roles available are;
- Contributor: Ability to create and update content.
- Editor: Everything Contributor can do and delete content.
- Developer: Can do everything Editor can, and create, update and delete models/enums.
- Admin: Can do everything a Developer can, and manage teams, create and update projects.
- Owner: Can do everything Admin can, and change billing and delete projects.
Once you're ready to invite a user, head your project settings and choose "Members" from the sidebar. It's here you can manage your team, custom roles and pending invites.
Let's go ahead and invite someone to our team...
All that's needed is an email and a role...
That's it! The invitee will then receive an email with a link to accept the invitation, and if the user is already a GraphCMS user, they will be able to see this project and their own in their project select screen after sign-in.
But what about custom roles I hear you ask...
Well we've made it just as easy to create a custom role.
Once you click
+ Create New, you'll be presented with a form to give the custom role a
Description and permissions picker.
To speed things up, you can copy permissions from another default or custom role, and then fine tune. Otherwise you can go ahead and select the required permissions.
For this example, we'll create a new custom role for
API Access Commander. The purpose of this role is to only allow users of this role to create, read, update and deleting Permanent Auth Tokens, as well as
Read stages and
Read existing environments.
Now if I go ahead and invite a new user using the
API Access Commander role, they'll be limited in what they can do once logged in!
📌 Don't forget to add
Read stages and
Read existing environments to the accepted permissions.
That's it! When the invited user logs in they'll notice a restricted sidebar.