docs
/
Go to coder.comRequest Support
docs
/
Home
About
Comparison
Feedback
Getting started
Workspaces
Getting started
Lifecycle
Applications
Autostart
Dev URLs
Docker in workspaces
Editors and IDEs
Environment variables
Personalization
Preferences
Progressive web apps
SSH access
Workspace parameters
Workspace templates
Workspace templates
Workspace template code completion
Images
Import
Tags
Custom image creation
Configure script
Structure
TLS certificates
Deprecate
Embeddable button
Command line
Installation and setup
Remote terminal
File sync
Workspace management
Setup
Architecture
Requirements
Kubernetes
Local preview
K3s
Amazon Elastic Kubernetes Service
Azure Kubernetes Service
Google Kubernetes Engine
Red Hat OpenShift
Installation
Configuration
Licensing
Updating
Update considerations
Air-gapped deployment
Network setup
Coder for Docker
Admin
Access control
User roles
Organization roles
Password reset
User management
Organizations
Org management
Registries
Default registry
Amazon Elastic Container Registry
Google Container Registry
Satellites
Manage satellites
Migrate to satellite deployments
Workspace management
Docker in workspaces
Cluster setup
Images
Management
Extensions
GPU acceleration
IDE installation
Memory provisioning
CPU provisioning
Self-contained workspace builds
Shutdown
SSH configuration
Workspace providers
Deployment
EC2
Kubernetes
Workspace provider management
Access URL
Account dormancy
Appearance
Audit
Browser security
Dev URLs
Git integration
Direct workspace connections
Telemetry
Templates
Usage metrics
Guides
Admin
Compute resources
Database migration
Helm charts
Image tag names
Logging
OpenID Connect with Azure AD
OpenID Connect with Google
OpenID Connect with Okta
Shared security responsibility
Storage
Usage monitoring
Customization
Git configuration
GPG forwarding
macOS keybindings
Node.js Projects
Tailscale
VNC
Deployment
Coder installation from an archive
Managed code-server Workspaces
PostgreSQL
SAML 2.0 identity brokering
Teardown
Terraform
TLS certificates
Azure DNS
Google Cloud DNS
Cloudflare
Route 53
Hosted beta
Mobile development
Public API
Troubleshooting
Admin password reset
Docker
GitHub OAuth integration
Image registry
inotify watcher limit problems
TypeError: Failed to fetch
Changelog
1.25.0
1.24.0
1.23.0
1.23.1
1.22.0
1.22.1
1.22.2
1.22.3
Home
/
Admin
/
Access control

User roles

5 min read

Learn about Coder's user roles and the privileges they offer.

Coder allows you to assign different roles to users, and each role comes with a distinct set of privileges regarding what the user can access and which actions they can perform.

There are four roles available:

Role Description
Site admin Grants full access to the system. Note that there can only be one site admin per system
Site manager Allows access to all administrative functionality in addition to basic usage rights
Auditor Offers auditing functionality
Member Allows basic usage of Coder

Additive permissions

The following tables detail what permissions Coder grants to each of the four roles, but a summary of the roles are:

  • All users are (or have the permissions of) a member
  • An auditor has the permissions of a member, plus the ability to work with audit logs
  • A site manager has the permissions of a member or an auditor, plus additional administrative rights
  • A site admin has the permissions of a member, auditor, and site manager, as well as additional admin rights (e.g., creating site managers, access to API keys)

Site admin permissions

Create Read (all) Read (own) List Update (all) Update (own) Delete (all) Delete (own)
API keys X X X X X X X X
Audit logs X
Configuration X X
Dev URLs X X X X
Workspaces X X X X
Images X X X X
Image tags X X X X
Metrics X X
OAuth X X
Org members X X X X X
Organizations X X X X X
Registries X X X X
System banners X X X X
Users X X X X X X X

Site manager permissions

Create Read (all) Read (own) List Update (all) Update (own) Delete (all) Delete (own)
API keys X X X X
Audit logs X
Configuration X X
Dev URLs X X X X
Workspaces X X X X
Extensions X X
Images X X X X
Image tags X X X X
Metrics X X
OAuth X X
Org members X X X X X
Orgs X X X X X
Registries X X X X
System banners X X X X
Users X X X X X X X

Auditor permissions

Create Read (all) Read (own) List Update (all) Update (own) Delete (all) Delete (own)
API keys X X X X
Audit logs X
Configuration X
Dev URLs X X X
Metrics X
Users X X X

Member permissions

Create Read (all) Read (own) List Update (all) Update (own) Delete (all) Delete (own)
API keys X X X X
Configuration X
Dev URLs X X X X
Metrics X
Users X X X

Changing a user's role

By default, all new users are assigned the Member role. These users can be upgraded to Auditor or Site Manager by another user with administrative privileges.

To change a user's role, go to Manage > Users. Find the user and use the Site Role drop-down to change the assigned role.

See an opportunity to improve our docs? Make an edit.

Go to coder.comGitHub