first candidate for launch

2026-05-28 07:21:42 -06:00
parent 9e4d26de44
commit 9e24a217ed
70 changed files with 1117 additions and 484 deletions
--- a/content/docs/enterprise/team/user-roles.md
+++ b/content/docs/enterprise/team/user-roles.md
@@ -0,0 +1,37 @@
+---
+weight: 186
+title: "User Roles"
+description: "The three user roles and their permissions within an account."
+icon: "article"
+date: "2025-05-27T00:00:00-00:00"
+lastmod: "2025-05-27T00:00:00-00:00"
+draft: false
+toc: true
+---
+
+Federated Enterprise has three user roles. Each role has a defined set of permissions within the account.
+
+## Permissions by Role
+
+| Permission | Owner | Admin | Member |
+|---|---|---|---|
+| View Cores & Domains | Yes | Yes | Yes |
+| Provision & delete Cores | Yes | Yes | No |
+| Manage Core add-ons | Yes | Yes | No |
+| Buy & manage domains | Yes | Yes | No |
+| Manage billing & add funds | Yes | Yes | No |
+| Change plan tier | Yes | Yes | No |
+| Invite users | Yes | Yes | No |
+| Change user roles | Yes | Yes | No |
+| Remove users | Yes | Yes | No |
+| Cancel account | Yes | Yes | No |
+| Update account settings | Yes | Yes | No |
+| Edit own profile | Yes | Yes | Yes |
+
+## Role Descriptions
+
+**Owner** — There is exactly one Owner per account. The Owner is the user who signed up and completed checkout. The Owner role cannot be changed or transferred through the UI — contact support if you need to transfer account ownership.
+
+**Admin** — Admins have the same permissions as the Owner for day-to-day operations: managing Cores, domains, billing, and users. Admins cannot change the Owner's role and cannot perform actions that affect the Owner user directly.
+
+**Member** — Members have read-only access. They can view Cores, domains, and billing information, but cannot make changes to any resources or account settings. This role is suitable for team members who need visibility without the ability to modify infrastructure.