Roles & RBAC
Octomil uses three roles for organization access control.
Roles
| Role | Capabilities |
|---|---|
owner | Full workspace control. Billing, delete org, transfer ownership. Everything an admin can do. |
admin | Manage users and invitations, devices and device groups, models and experiments, org settings, audit logs. |
member | View dashboard, view models and experiments, submit training updates, download assigned models. |
Assigning roles
Roles are set at invite time:
octomil team add alice@acme.com --role admin
octomil team add bob@acme.com --role member
To change a role after joining, use the dashboard under Settings > Workspace & team.
RBAC checkpoint
Enterprise organizations require at least 2 admin-or-higher accounts and 2 total members before onboarding is complete. Check status with:
octomil team list
The output shows the checkpoint status:
RBAC checkpoint: passed (2 admins, 4 members)
Invitations
- Each invite sends an email with a secure link
- Links expire in 7 days
- The invitee must sign in with the same email address to accept
- Re-invite expired invitations with
octomil team add
Related
- Enterprise Onboarding — full setup walkthrough
- SSO + SCIM — identity provider integration