Members and roles
Five roles, one cascade. Override at the project level when you need finer control.
The five roles
Roles are deliberately coarse. The expected pattern is: a small number of Owners and Admins, a meaningful population of Curators (your knowledge stewards), most people as Contributors, and Viewer reserved for read-only stakeholders like auditors and executives.
- Owner — full control, including billing and data export. At least one required per workspace; transfer rather than delete.
- Admin — operational control without billing. Best for engineering managers and IT.
- Curator — approves SOPs and edits the graph. Typically a knowledge ops lead or chief of staff.
- Contributor — runs interviews, uploads content, uses AI search. Default for most employees.
- Viewer — read-only and can ask the AI. For auditors, executives, and seasonal contractors.
Permissions matrix
| Permission | Owner | Admin | Curator | Contributor | Viewer |
|---|---|---|---|---|---|
Manage billing Edit plan, payment method, invoices. | |||||
Manage SSO and SCIM Configure identity providers and provisioning. | |||||
Invite and remove members Add or revoke seats. | |||||
Change member roles Promote, demote, or transfer Owner. | |||||
Create and archive projects Manage project lifecycle. | |||||
Approve SOPs Move SOPs to approved state. | |||||
Edit graph entities Modify entities and relationships. | |||||
Run AI interviews Start and conduct sessions. | |||||
Upload artifacts Add transcripts, documents, recordings. | |||||
Ask AI questions Use AI search and chat. | |||||
Read SOPs View approved SOPs they have access to. | |||||
View audit log Read the workspace audit ledger. | |||||
Export workspace data Initiate a full data export. |
Project overrides
Workspace roles cascade into every project by default. You can override at the project level — for example, granting a Contributor Curator-level rights only inside the Compliance project. Overrides are additive (they grant, never revoke); to fully exclude someone from a project, set the project to private and add them explicitly.
On Business and Enterprise plans, Admins can request time-bounded Curator rights for any contributor, with a stated reason that is written to the audit log. Useful for short-term incident response or handoff windows.