📖Access Control
Control who can access your organization's data.
Access Control is an Enterprise-only feature. Please contact us to learn more about our Enterprise offering.
tldr: Users with AccountAdmin
role has full access to everything in your organization. Users with AccountUser
role has read-only access to collections. By default, all new users are assigned AccountUser
role.
Role-Based Access Control (RBAC)
ChatBees implements Role-Based Access Control to help administrators control who has access to their organization's data. In simple terms, you can assign Roles
to Users
. These Roles
contain Privileges
that allow Users
to access resources.
Privileges
Read
: Able to retrieve a resource (e.g. Get, List, Describe)Write
: Able to modify a resource (e.g. Create, Update, Delete)Admin
: Able to retrieve or modify resources of other users (e.g. delete or invite user)
Roles
AccountAdmin
: GrantsRead
,Write
andAdmin
privileges to all resources in the accountAccountUser
: GrantsRead
privilege to all resources in the account
By default, new users are assigned AccountUser
role (except for the first user of the account). AccountAdmin
can modify roles assigned to other users
Table below shows all API endpoints and the required privilege.
/account/create_registration_token
Creates registration token to onboard new users
Admin
/account/get_user
Returns user's information
Admin
/account/update_user
Updates a user's role
Admin
/account/delete_user
Deletes a user
Admin
/account/list_users
Lists all existing users
Admin
/apikey/create
Create a personal API key
-
/apikey/delete
Deletes a personal API key
-
/apikey/list
Lists personal API keys
-
/collections/create
Creates a Collection
Write
/collections/configure
Updates a Collection's configuration
Write
/collections/delete
Deletes a Collection
Write
/collections/list
Lists all Collections
Read
/collections/describe
Describes a Collection
Read
/connectors/list
Lists connected connectors
Admin
/connectors/delete
Delete a connector
Admin
/accesslogs/list
Lists account access logs
Admin
/accountusage/get
Get account usage summary
Admin
/docs/add
Adds a local or hosted document from an online source to a collection
Write
/docs/delete
Deletes a document from a collection
Write
/docs/list
Lists documents in the collection
Read
/docs/ask
Asks a question in a collection
Read
/docs/search
Semantic search in a collection
Read
/docs/summary
Summarize a document in a collection
Read
/docs/list_access
Lists Q/A history of a collection
Admin
/docs/configure_chat
Configures persona etc of a collection. Affects future ask
requests
Write
/docs/create_ingestion
Create a task to ingest from a data source
Write
/docs/get_ingestion
Gets the current ingest task progress
Write
/docs/index_ingestion
Indexes (trains) ingested data into collection
Write
/docs/delete_ingestion
Deletes indexed (trained), ingested data from collection
Write
Last updated