📖Access Control
Control who can access your organization's data.
Last updated
Control who can access your organization's data.
Last updated
Access Control is an Enterprise-only feature. Please contact us to learn more about our Enterprise offering.
tldr: Users with AccountAdmin role has full access to everything in your organization. Users with AccountUser role has read-only access to collections. By default, all new users are assigned AccountUser role.
ChatBees implements Role-Based Access Control to help administrators control who has access to their organization's data. In simple terms, you can assign Roles to Users. These Roles contain Privileges that allow Users to access resources.
Read: Able to retrieve a resource (e.g. Get, List, Describe)
Write: Able to modify a resource (e.g. Create, Update, Delete)
Admin: Able to retrieve or modify resources of other users (e.g. delete or invite user)
AccountAdmin: Grants Read, Write and Admin privileges to all resources in the account
AccountUser: Grants Read privilege to all resources in the account
By default, new users are assigned AccountUser role (except for the first user of the account). AccountAdmin can modify roles assigned to other users
Table below shows all API endpoints and the required privilege.
| API | Description | Req. Priv. |
|---|---|---|
/account/create_registration_token
Creates registration token to onboard new users
Admin
/account/get_user
Returns user's information
Admin
/account/update_user
Updates a user's role
Admin
/account/delete_user
Deletes a user
Admin
/account/list_users
Lists all existing users
Admin
/apikey/create
Create a personal API key
-
/apikey/delete
Deletes a personal API key
-
/apikey/list
Lists personal API keys
-
/collections/create
Creates a Collection
Write
/collections/configure
Updates a Collection's configuration
Write
/collections/delete
Deletes a Collection
Write
/collections/list
Lists all Collections
Read
/collections/describe
Describes a Collection
Read
/connectors/list
Lists connected connectors
Admin
/connectors/delete
Delete a connector
Admin
/accesslogs/list
Lists account access logs
Admin
/accountusage/get
Get account usage summary
Admin
/docs/add
Adds a local or hosted document from an online source to a collection
Write
/docs/delete
Deletes a document from a collection
Write
/docs/list
Lists documents in the collection
Read
/docs/ask
Asks a question in a collection
Read
/docs/search
Semantic search in a collection
Read
/docs/summary
Summarize a document in a collection
Read
/docs/list_access
Lists Q/A history of a collection
Admin
/docs/configure_chat
Configures persona etc of a collection. Affects future ask requests
Write
/docs/create_ingestion
Create a task to ingest from a data source
Write
/docs/get_ingestion
Gets the current ingest task progress
Write
/docs/index_ingestion
Indexes (trains) ingested data into collection
Write
/docs/delete_ingestion
Deletes indexed (trained), ingested data from collection
Write