Arize AI
Search…
Access Control & Authorization (RBAC)
At each level of the account hierarchy there are different roles with different permissions. Access is inherited from top (account level) to bottom (space level). Therefore account admins have admin access to all organizations and all spaces in the account.
Roles and access are managed on the Members tab at the Account, Organization, and/or Space Settings pages. At each level admins can change roles of members, invite members, and restrict access.
Below is a high level overview of the roles and related permissions at each level.

Account:

Admin - Has full access to all entities in the account.
Member - Access is determined by organization and space roles.
Action
Admin
Member
User management
  • Invite users, remove users, and change user roles
Create organizations

Organization:

Admin - Has full access to all entities in the organization.
Member - Has partial access at the organizational level. Space access is determined by space role.
Action
Admin
Member
Organization Member management
  • Invite and remove members and change their roles
Create spaces
View public spaces
View private spaces
If added to space:
If not: ❌

Space:

Admin - Has full access to all entities in the space.
Member - Has write access to entities associated to models (e.g., monitors) but does not have access to API keys, model creation, or membership management.
Read-only Member - Has read-only access to entities in the space.
Action
Admin
Member
Read-only Member
Access to SDK API Key
Space Member management
  • Invite and remove members and change their roles
Delete models
Create and delete file import jobs
Update model settings
Create/Edit Dashboards
Read-only
Create/Edit Monitors
Read-only
Create/Edit Projects
Read-only
Questions? Email us at [email protected] or Slack us in the #arize-support channel