Roles & Permissions

Control what team members can do in your organization.

Role Hierarchy

Owner (Full Control)
  ↓
Admin (Management)
  ↓
Guest (Default)

Role Comparison

Owner
Admin
Guest

Full organizational control✅ Can do:

Everything Admins can do
Manage billing and subscriptions
Transfer ownership
Delete organization
View all usage and costs
Configure SSO (Enterprise)

Limit: 1-2 per organization recommended

Permission Matrix

Permission	Owner	Admin	Guest
Connect AI endpoints	✅	✅	❌
Manage groups	✅	✅	❌
Invite members	✅	✅	❌
Remove members	✅	Below Admin	❌
View organization analytics	✅	✅	❌
Use AI connections	✅	✅	✅ (via groups)
Manage billing	✅	❌	❌
Delete organization	✅	❌	❌

Groups & Access Control

AgentFlow uses groups to control access to AI connections: How Groups Work:

Admins/Owners create groups (e.g., “Marketing Team”, “Support Team”)
AI connections are assigned to groups
Users are added to groups
Users can only access AI connections in their groups

Example: “Marketing Team” Group

Contains: Content writing AI, social media AI
Members: Marketing staff (guest role)
Can: Use assigned AI connections for marketing tasks

Example: “Engineering Team” Group

Contains: Code assistant AI, documentation AI
Members: Developers (guest role)
Can: Use assigned AI connections for development tasks

Changing Roles

Navigate to Team

Organization → Team Members

Find Member

Search or scroll to find team member

Change Role

Click role dropdown → Select new role

Confirm

Confirm role change (immediate effect)

Role changes take effect immediately. The user’s current session continues but with new permissions.

Best Practices

Principle of Least Privilege

Grant minimum permissions needed:

All users default to Guest role
Upgrade to Admin only when they need to manage AI connections or users
Limit Owners to 1-2 trusted people

Separate Duties

Owners: Strategic decisions, billing, organization management
Admins: AI connection management, user management, group configuration
Guests: Use AI connections, participate in conversations

Use Groups for Access Control

Create groups based on teams or use cases
Assign AI connections to groups
Add users to appropriate groups
Review group memberships regularly

Regular Audits

Monthly: Review active members and group assignments
Quarterly: Audit role assignments and AI connection access
Remove access immediately when members leave

Next: Managing Members

Learn how to manage your team members

Getting Started

AI Agents

Conversations

Organization

Agent Distribution

Analytics & Insights

Security & Privacy

Support

Roles & Permissions

Roles & Permissions

Role Hierarchy

Role Comparison

Permission Matrix

Groups & Access Control

Changing Roles

Best Practices

Next: Managing Members

Getting Started

AI Agents

Conversations

Organization

Agent Distribution

Analytics & Insights

Security & Privacy

Support

​Roles & Permissions

​Role Hierarchy

​Role Comparison

​Permission Matrix

​Groups & Access Control

​Changing Roles

​Best Practices

Next: Managing Members

Roles & Permissions

Role Hierarchy

Role Comparison

Permission Matrix

Groups & Access Control

Changing Roles

Best Practices