Skip to main content
Avra uses role-based access control (RBAC) scoped to your organization. Each user is assigned a role that determines their permissions across the dashboard and API.

Available Roles

Permission Matrix

Key Behaviors

  • Access inheritance: Removing a user immediately revokes their dashboard sessions and API keys
  • Least privilege: Assign the minimum role needed for each team member’s responsibilities
  • Single Sign-On: Enterprise workspaces can enforce SSO with at least one break-glass admin using email/password + MFA

Role Assignment

To change a user’s role:
  1. Navigate to Access & Security → Members
  2. Click the member’s current role
  3. Select the new role from the dropdown
  4. Changes take effect immediately
Every workspace requires at least one Creator. The last Creator cannot be downgraded or removed.