ChatBees
  • 👋Welcome
  • Concepts
    • 📖Architecture
    • 📖Security
    • 📖Serverless RAG
    • 📖Namespace and Collection
    • 📖Access Control
    • 🚀Ticket AI Agent
  • Ticket AI Agent
    • Installation
  • WEB APP REFERENCES
    • 🔑Sign-in and Sign-out
    • ⛓️Manage Connectors
    • 🌏Manage Collections
      • 💿Data Sources
        • 📖Configure Periodic Import
      • ❓Chat with collection
      • ⏱️View Q/A history
      • 📖Publish a Collection
    • 🏛️Manage Users
    • 💰[Flex] Billing and Payment
    • 💰[Enterprise] Billing and Payment
    • 📈Account Usage
    • 🗝️API Keys
    • 🖥️Generated Code Sample
  • ChatBots
    • 🪄AI Chat for Confluence
    • 🪄ChatBees Slack Bot
    • 🪄ChatBees Website ChatBot
    • 🪄Pnyx Discord Bot
  • Snowflake Native App
  • API References
    • 📖API Key
    • 📖Collection Operations
      • 📖Create Collection
      • 📖Configure Collection
      • 📖List Collections
      • 📖Delete Collection
    • 📖Document Operations
      • 📖Upload Document
      • 📖Summarize Document
      • 📖Get Document Outlines and FAQs
      • 📖Ask
      • 📖Chat
      • 📖Search
      • 📖Personalize Response
      • 📖List Documents
      • 📖Delete Document
    • 📖Crawl Operations
      • 📖Create Crawl
      • 📖Get Crawl
      • 📖Index Crawl
      • 📖Delete Crawl
    • 📖Ingest Data Sources
      • 📖Create Ingestion
      • 📖Get Ingestion
      • 📖Index Ingestion
      • 📖Delete Ingestion
Powered by GitBook
On this page
  • Role-Based Access Control (RBAC)
  • Privileges
  • Roles
  1. Concepts

Access Control

Control who can access your organization's data.

PreviousNamespace and CollectionNextTicket AI Agent

Last updated 1 year ago

Access Control is an Enterprise-only feature. to learn more about our Enterprise offering.

tldr: Users with AccountAdmin role has full access to everything in your organization. Users with AccountUser role has read-only access to collections. By default, all new users are assigned AccountUser role.

Role-Based Access Control (RBAC)

ChatBees implements Role-Based Access Control to help administrators control who has access to their organization's data. In simple terms, you can assign Roles to Users. These Roles contain Privileges that allow Users to access resources.

Privileges

  • Read: Able to retrieve a resource (e.g. Get, List, Describe)

  • Write: Able to modify a resource (e.g. Create, Update, Delete)

  • Admin: Able to retrieve or modify resources of other users (e.g. delete or invite user)

Roles

  • AccountAdmin: Grants Read, Write and Admin privileges to all resources in the account

  • AccountUser: Grants Read privilege to all resources in the account

By default, new users are assigned AccountUser role (except for the first user of the account). AccountAdmin can modify roles assigned to other users

Table below shows all API endpoints and the required privilege.

API
Description
Req. Priv.

/account/create_registration_token

Creates registration token to onboard new users

Admin

/account/get_user

Returns user's information

Admin

/account/update_user

Updates a user's role

Admin

/account/delete_user

Deletes a user

Admin

/account/list_users

Lists all existing users

Admin

/apikey/create

Create a personal API key

-

/apikey/delete

Deletes a personal API key

-

/apikey/list

Lists personal API keys

-

/collections/create

Creates a Collection

Write

/collections/configure

Updates a Collection's configuration

Write

/collections/delete

Deletes a Collection

Write

/collections/list

Lists all Collections

Read

/collections/describe

Describes a Collection

Read

/connectors/list

Lists connected connectors

Admin

/connectors/delete

Delete a connector

Admin

/accesslogs/list

Lists account access logs

Admin

/accountusage/get

Get account usage summary

Admin

/docs/add

Adds a local or hosted document from an online source to a collection

Write

/docs/delete

Deletes a document from a collection

Write

/docs/list

Lists documents in the collection

Read

/docs/ask

Asks a question in a collection

Read

/docs/search

Semantic search in a collection

Read

/docs/summary

Summarize a document in a collection

Read

/docs/list_access

Lists Q/A history of a collection

Admin

/docs/configure_chat

Configures persona etc of a collection. Affects future ask requests

Write

/docs/create_ingestion

Create a task to ingest from a data source

Write

/docs/get_ingestion

Gets the current ingest task progress

Write

/docs/index_ingestion

Indexes (trains) ingested data into collection

Write

/docs/delete_ingestion

Deletes indexed (trained), ingested data from collection

Write

📖
Please contact us