Access Control & Roles
Flows allows you to define access control in order to limit what users can do in different situations. Across control works on two levels: Teams & Workspaces.
Teams
Every user in Flows will belong to a Team. A Team would usually represent a company while a Workspace within a team would represent a business unit, product, brand or any other grouping you wish to use within that Team.
A user within a Team has one of two roles:
| Team Role | Description |
| Owner | A super user for the team. Owners are able to create new workspaces, install apps, configure special settings and have access to all parts of the team |
| Member | A standard member of the team. All users invited to a team will have the "member" role unless they are an owner. Members have access to all public workspaces within the team |
Workspaces
A Team has a number of workspaces that are created by Team owners. Workspaces help to organise flows based on different groupings. Workspaces can be public or private.
A public workspace will be open and visible by all members of a team.
In a private workspace, specific users from the Team can be added and each user can be assigned a role that will enable or limit their abilities within that workspace.
Workspace members can have the following roles:
| Workspace Role | Description |
| Owner | All access rights listed below and can also invite new members to the workspace and delete the workspace if it's empty |
| Admin | Can create, enable/disable and delete any flows within the workspace. |
| Author | Can create new flows but cannot enable or disable them. Can delete their own flows only |
| Member | Can view flows and their logs but cannot create new flows |
Workspaces also have folders within them to give an additional level of organisation however, folders do not have access restrictions. All folders within a workspace will be visible and accessible by all users in the workspace.