Security and permissions

Security and Permissions

This page explains the security model and permission system in Waterflai. Waterflai uses a role-based access control (RBAC) system to manage user permissions at both the global (organization) level and the workspace level.

User Roles

Waterflai has three main user roles at the global level:

  1. Admin: Full access to all features and administrative functions

  2. Creator: Can create and manage workspaces

  3. User: Basic access to use Waterflai features within assigned workspaces

Global Permissions

Global permissions apply across the entire Waterflai organization. Here's an overview of the permissions for each global role:

Admin

  • Full access to all features and permissions

Creator

  • Create workspaces

  • List and enter into assigned workspaces

User

  • List and enter into assigned workspaces

Workspace Roles and Permissions

Within each workspace, users can have one of three roles:

  1. Workspace Admin: Full control over the workspace

  2. Workspace Creator: Can create and manage most resources within the workspace

  3. Workspace User: Basic access to use features within the workspace

Here's a detailed breakdown of permissions for each workspace role:

Workspace Admin

  • Full access to all workspace features and permissions

Workspace Creator

  • API Keys: Create, List, Delete

  • Chatbots: Create, List, View, Edit, Publish, Delete

  • Conversations: Create, List, View, Edit, Delete

  • Providers: Create, List, View, Edit, Delete

  • Inference Analytics: List, View, Delete

  • Models: Create, List, View, Edit, Delete

  • RAG Collections: Create, List, View, Edit, Delete

  • RAG Connector Configs: Create, List, View, Edit, Delete

  • Chatflows: Create, List, View, Edit, Execute, Delete

  • Workflows: Create, List, View, Edit, Execute, Delete

Workspace User

  • Chatbots: List, View, Chat

  • Conversations: Create, List, View, Edit, Delete

  • Inference Analytics: List, View

Best Practices for Managing Permissions

  1. Least Privilege: Assign users the minimum role necessary for their tasks to maintain security.

  2. Regular Audits: Periodically review user roles and permissions to ensure they are still appropriate.

  3. Role Separation: Use workspace roles to create separation of duties within projects or teams.

  4. Education: Ensure all users understand their permissions and the responsibilities that come with their role.

Customizing Permissions

While Waterflai's default roles and permissions cover most use cases, organizations with specific needs can contact Waterflai support to discuss custom permission configurations.

By understanding and properly utilizing this permission system, you can ensure that your Waterflai organization maintains a secure and well-organized environment for all users.

PreviousWorkspaceNextSupport

Last updated