Skip to main content
Reducto Studio uses three roles to control what members of your organization can do. Roles are assigned per-organization, so a user can have different roles in different orgs.

Roles

RoleDescription
OwnerFull control over the organization, including destructive actions like deleting the org.
AdminDay-to-day management of members, API keys, and billing. Cannot delete the organization.
MemberCan use Studio and the API but cannot manage org settings.
Roles are hierarchical: Owners can do everything Admins can, and Admins can do everything Members can.

API Keys

API key management has two distinct permission levels:
ActionOwnerAdminMember
Create API keysYesYesYes
View API keysYesYesYes
Edit (rename) API keysYesYesNo
Delete API keysYesYesNo
API keys are scoped to the organization, not to the individual who created them. Any valid key authenticates requests on behalf of the entire org.

Full Permissions Matrix

CapabilityOwnerAdminMember
Use Studio (pipelines, processors, files)YesYesYes
Call the API with an org keyYesYesYes
View usage and request logsYesYesYes
Create API keysYesYesYes
Edit/delete API keysYesYesNo
Manage billing and payment methodsYesYesNo
Invite membersYesYesNo
Remove membersYesYesNo
Change member rolesYesYesNo
Delete the organizationYesNoNo

Managing Roles

To change a member’s role:
  1. Navigate to Settings in the sidebar
  2. Find the member in the users list
  3. Use the role dropdown to select a new role
You can only change roles for members at or below your own privilege level. For example, an Admin cannot change another Admin’s role to Member, but an Owner can.

Account & Settings

API key management, usage, and billing overview.

Security Policies

Data handling, retention, and compliance.