# Access Control for Workspace

<figure><img src="/files/7V8ZqJeDpvLOT4sBo5V3" alt=""><figcaption></figcaption></figure>

## Workspace Roles

There are four levels of Workspace Roles:

| Role Name        | Description                                                   | Summary                                                                                             |
| ---------------- | ------------------------------------------------------------- | --------------------------------------------------------------------------------------------------- |
| Workspace Owner  | Account that has permissions for managing workspace settings. | Can change workspace settings and invite new members to join the workspace.                         |
| Workspace Editor | Account that has permissions for editing several resources.   | Can edit notebooks and create connections. Cannot change workspace settings and invite new members. |
| Workspace Viewer | Account that has permissions for viewing several resources.   | Can browse notebooks. Cannot edit notebooks or create connections.                                  |
| Workspace Guest  | Account that has permissions just for Reports.                | <p>Can browse only shared reports.<br>Guest cannot belong to any group.</p>                         |

{% hint style="info" %}
In Codatum, the terms Owner, Editor, and Viewer are collectively referred to as “Member”. When including the Guest role, the collective term used is “User”. This distinction, while not critical, can be helpful to keep in mind.
{% endhint %}

## Workspace Operations and Access Control Rules

Here we detail the specific actions that can be executed in the workspace and the necessary roles needed to perform them.

| Operations                                                                       | category       | Required Workspace-Role |
| -------------------------------------------------------------------------------- | -------------- | ----------------------- |
| <p>Invite and remove users</p><p>Change user account roles</p>                   | user           | Workspace Owner         |
| View audit logs and user activity history                                        | audit logs     | Workspace Owner         |
| View information about the workspace                                             | workspace info | Workspace Viewer        |
| View information of all groups                                                   | group          | Workspace Viewer        |
| <p>Create, delete, and edit groups</p><p>Add and remove users to/from groups</p> | group          | Workspace Owner         |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.codatum.com/access-control/access-control-for-workspace.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.