User Roles
Role-based access control and permissions in CodeWall.
CodeWall uses role-based access control (RBAC) to manage what team members can see and do.
Roles
| Role | Description |
|---|---|
| Owner | Full access to everything including billing and organization deletion |
| Admin | Manage team members, targets, tests, and organization settings |
| Member | Create and manage tests, view and manage findings |
| Viewer | Read-only access to tests and findings |
Permission matrix
| Action | Owner | Admin | Member | Viewer |
|---|---|---|---|---|
| View tests and findings | Yes | Yes | Yes | Yes |
| Create tests | Yes | Yes | Yes | No |
| Manage test configuration | Yes | Yes | Yes | No |
| Mark findings (resolve, false positive) | Yes | Yes | Yes | No |
| Export reports (PDF, CSV) | Yes | Yes | Yes | Yes |
| Manage targets | Yes | Yes | No | No |
| Invite / remove team members | Yes | Yes | No | No |
| Manage integrations | Yes | Yes | No | No |
| Configure SSO | Yes | Yes | No | No |
| Manage billing | Yes | No | No | No |
| Delete organization | Yes | No | No | No |
| Transfer ownership | Yes | No | No | No |
Managing roles
See Team Members for instructions on inviting users and changing roles.
SSO and role mapping
If your organization uses SSO (SAML or OIDC), you can map identity provider groups to CodeWall roles. This ensures team members are automatically assigned the correct role when they sign in. See Organization Settings for SSO configuration.

