Skip to main content
Reducto Studio uses three roles to control what members of your organization can do. Roles are assigned per-organization, so a user can have different roles in different orgs.

Roles

RoleDescription
OwnerFull control over the organization, including destructive actions like deleting the org.
AdminDay-to-day management of members, API keys, and billing. Cannot delete the organization.
MemberCan use Studio and the API but cannot manage org settings.
Roles are hierarchical: Owners can do everything Admins can, and Admins can do everything Members can.

API Keys

API key management has two distinct permission levels:
ActionOwnerAdminMember
Create API keysYesYesNo
View API keysYesYesYes
Edit (rename) API keysYesYesNo
Delete API keysYesYesNo
  • Owners and Admins can create new keys, rename existing keys, and revoke (delete) keys belonging to anyone in the organization.
  • Members can view the list of active keys (name, creation date, expiration) but cannot create, rename, or delete any key.
  • Deleting an API key immediately revokes it. Any requests using that key will fail.
API keys are scoped to the organization, not to the individual who created them. Any valid key authenticates requests on behalf of the entire org.

Full Permissions Matrix

CapabilityOwnerAdminMember
Use Studio (pipelines, processors, files)YesYesYes
Call the API with an org keyYesYesYes
View usage and request logsYesYesYes
Create API keysYesYesNo
Edit/delete API keysYesYesNo
Manage billing and payment methodsYesYesNo
Invite membersYesYesNo
Remove membersYesYesNo
Change member rolesYesYesNo
Delete the organizationYesNoNo
When inviting members, you can only assign a role at or below your own level. Owners can invite as Owner, Admin, or Member. Admins can invite as Admin or Member.

Managing Roles

To change a member’s role:
  1. Navigate to Settings in the sidebar
  2. Find the member in the users list
  3. Use the role dropdown to select a new role
You can only change roles for members at or below your own privilege level. For example, an Admin cannot change another Admin’s role to Member, but an Owner can.

Account & Settings

API key management, usage, and billing overview.

Security Policies

Data handling, retention, and compliance.