Xano Enterprise allows granular permissions control for each team member and workspace within an Instance.
The Permissions Center, when enabled, allows the Instance owner full control over role-based permissions across each workspace within the Instance.
To access the Permissions Center, select the menu icon on the Instance then choose Permissions.
Access the Permissions Center.
Roles can be managed and created from the Roles view of the Permission Center.
Roles in the Permission Center
Xano includes a few default roles, which permissions are standard and cannot be modified. These roles include admin, developer, guest, and analyst.
Permission types can be set on the various workspace objects in Xano. The permission types are as follows:
- Full - full access to the object, no restrictions.
- Disabled - no access to the object.
- Read-only - restricted access to the object. With this permission, the team member may view the object but cannot make any modifications.
- Inherit* - inherit is a special permission type. This permission will inherit the same permission from the parent role type. Meaning, inherit is chosen for Jane Doe on Workspace A for Run & Debug, then Jane's permission on Run & Debug will inherit the permission of her assigned role. If the assigned role is also inherit then the permission will inherit the Global permission.
The workspace objects with role-based access control include:
- Access - access to the Workspace.
- Run & Debug - the ability to use Run & Debug on Function Stacks.
- Export - export all data and schema.
- Database - access to the database.
- API - access to the API endpoints.
- Function - access to Custom Functions in the library.
- Addons - access to Addons in the library.
- Tasks - access to Background Tasks.
- Files - File management in the library.
- Settings - Workspace settings (including Environment Variables).
- Marketplace - access to the Marketplace for templates and extensions.
- Add Workspace - the ability to add a new Workspace.
To create a new role select + Add new custom role.
To edit the permissions on a custom role, double-click the permission level to modify and select the new permission from the dropdown.
Modify permissions of a custom role.
The initial view in the Permissions Center provides a view of all the Workspaces, team members, and permissions in the Instance.
See all Workspaces, team members, and permissions in the Instance.
You can easily filter by team member and workspace to see which permissions are enabled for a particular person and workspace.
In this example, we are looking at Michael's permissions across all workspaces.
Bulk Assign enables you to quickly assign a team member the same permissions as another one. This is useful when you have team members that need the exact same access across each Workspace.
Bulk Assign to easily assign a Role to a team member to be applied across all Workspaces.
You can edit specific permissions on a Workspace for a team member by double-clicking on the permission you want to modify.
Global Permissions provide a way to override the permissions inferred via the assigned Role.
Global Permissions can override permissions iferred via the assigned Role.
To edit the Global Permissions of a team member, double-click on the permission you wish to change and select the desired permission type.