Roles & Permissions

Roles and permissions control what users can do in SeeMe.ai.

Role Hierarchy

graph TD
    A[Organization Owner] --> B[Organization Admin]
    B --> C[Organization Member]
    C --> D[Organization Viewer]

    E[Project Admin] --> F[Project Contributor]
    F --> G[Project Viewer]

Organization Roles

Role	Description	Key Permissions
Owner	Full control	Billing, delete org, all admin rights
Admin	Manage organization	Invite members, create teams, manage projects
Member	Standard user	Create projects, join teams
Viewer	Read-only	View resources, no modifications

Project Roles

Role	Description	Key Permissions
Admin	Full project control	Manage members, settings, delete resources
Contributor	Active participant	Create models, datasets, run jobs
Viewer	Observer	View resources, download results

Permission Matrix

Models

Action	Owner	Admin	Contributor	Viewer
View	Yes	Yes	Yes	Yes
Create	Yes	Yes	Yes	No
Edit	Yes	Yes	Yes	No
Delete	Yes	Yes	No	No
Share	Yes	Yes	Yes	No

Datasets

Action	Owner	Admin	Contributor	Viewer
View	Yes	Yes	Yes	Yes
Create	Yes	Yes	Yes	No
Upload data	Yes	Yes	Yes	No
Delete	Yes	Yes	No	No
Export	Yes	Yes	Yes	Yes

Jobs

Action	Owner	Admin	Contributor	Viewer
View	Yes	Yes	Yes	Yes
Create	Yes	Yes	Yes	No
Cancel	Yes	Yes	Yes	No
Delete	Yes	Yes	No	No

Custom Roles (Enterprise)

Enterprise customers can create custom roles:

## Create custom role (Enterprise only)
role = client.create_role(
    organization_id=org.id,
    name="Data Annotator",
    permissions=[
        "dataset:view",
        "dataset:annotate",
        "model:view"
    ]
)

Best Practices

ℹ️

Principle of Least Privilege: Always assign the minimum permissions needed for the task.

Start restrictive: Begin with viewer, elevate as needed
Use teams: Manage permissions via teams, not individuals
Regular audits: Review permissions quarterly
Document decisions: Note why users have elevated access