Skip to main content
Version: v2 ⚡

User Roles & Permissions

When OpenFn Users are invited to work on your Project as Collaborators, they are assigned a Role that determines their permissions. The four available Roles are: Owner (only 1 per project), Admin, Editor & Viewer. Check out the table below for the permissions available to each role.

| Context | Action | Owner | Admin | Editor | Viewer | | :-------- | :------------------------------------------------------------------ | :----------------: | :----------------: | :----------------: | :----------------: | --- | | Workflows | Create a Workflow | ✔️ | ✔️ | ✔️ | | " | | Workflows | Edit a Job in a Workflow | ✔️ | ✔️ | ✔️ | | " | | Workflows | Add/remove webhook authentication method for Workflow | ✔️ | ✔️ | | | " | | Workflows | Delete a Workflow | ✔️ | ✔️ | ✔️ | | " | | Workflows | Run from the Inspector | ✔️ | ✔️ | ✔️ | | " | | Workflows | Select the 5 latest Inputs for a Job in a Workflow | ✔️ | ✔️ | ✔️ | | " | | History | View/search/filter on the History page | ✔️ | ✔️ | ✔️ | ✔️ | " | | History | View a Run from the Work Order history | ✔️ | ✔️ | ✔️ | ✔️ | " | | History | View a Input from a Work Order history | ✔️ | ✔️ | ✔️ | ✔️ | " | | History | Run from the Work Order history | ✔️ | ✔️ | ✔️ | | " | | Settings | View Project name | ✔️ | ✔️ | ✔️ | ✔️ | " | | Settings | Edit Project name | ✔️ | ✔️ | | | " | | Settings | View Project description | ✔️ | ✔️ | ✔️ | ✔️ | " | | Settings | Edit Project description | ✔️ | ✔️ | | | " | | Settings | Export Project | ✔️ | ✔️ | ✔️ | ✔️ | " | | Settings | Delete a Project | ✔️ | | | | " | | Settings | View Project Credentials, type, and owner | ✔️ | ✔️ | ✔️ | ✔️ | " | | Settings | Add/remove webhook authentication method for Project | ✔️ | ✔️ | | | " | | Settings | Change MFA requirement for Project | ✔️ | ✔️ | | | " | | Settings | Add/remove Project Collaborator | ✔️ | ✔️ | | | " | | Settings | View Project Collaborators (project_users, role, digest and alerts) | ✔️ | ✔️ | ✔️ | ✔️ | " | | Settings | Edit digest and alerts for themselves | ✔️ | ✔️ | ✔️ | ✔️ | " | | Settings | Edit digest and alerts for others | | | | | " | | Settings | Change Input/Output Dataclip storage policy | ✔️ | ✔️ | | | " | | Settings | Change History retention period | ✔️ | ✔️ | | | " | | Settings | Update GitHub project/repo connection | ✔️ | ✔️ | | | " | | Settings | Initiate GitHub sync | ✔️ | ✔️ | ✔️ | | " |

Super User privileges

Every OpenFn instance has a user with a Super User role that enables them to have full administrative control of the platform. This includes management of users, projects, audit trail, and third-party authentication, with the below Super User privileges:

AspectDescriptionFeatures/Permissions
User ManagementThe management of users on an OpenFn instanceCreating, editing, removing users
Project ManagementHow projects are created and managed on the instanceCreate, delete, edit a project, assign users
AuthenticationThird-party access management for users on the instanceSet up OpenID Auth for the instance
Audit TrailingAuditability and change managementView history of relevant user actions on the instance for audits

If you're using the hosted OpenFn platform (e.g., app.openfn.org), contact support@openfn.org if you need to get in touch with the super user to request new projects or configuration changes.