Manage members and roles
An organization member is a BSR user who can access your BSR organization's resources.
Once designated, they can push modules to any of the organization's repositories and import them as a dependency.
Only members with admin access are allowed to perform any administrative tasks such as base resource roles or adding other members.
Members can be added by owners and admins of the organization. Members are granted the organization's base resource role, which defaults to write, but is configurable by owners and admins.
Add a member
To add a member to an organization, sign in to the Buf Schema Registry, navigate to the organizations Settings page, and then select Add member.
When adding a member to an organization, keep a few important things in mind:
- Members must already have an active Buf account.
- Members can be added by owners and admins of the organization.
- Members are granted the organization's base resource role, which defaults to write, but is configurable by owners and admins.
Member roles
Every user that's part of an organization has an explicit role. Users are unable to modify their own role. If you need to lower your access, have another organization user perform this action or leave the organization and request to be re-added with the desired role.
Member
- Can view the organization and its members.
- Inherits the base resource roles on existing organization resources (the default is
Write).
Writer
- Can view the organization and its members.
- Can add resources such as repositories and plugins.
- Inherits
Writeroles over existing organization resources, regardless of the organization's base resource roles.
This role is especially useful with CI pipelines.
For example, you could set the organization base roles to Read and configure a bot user to push to a BSR repository on merge.
If you're on a Pro or Enterprise plan, see Bot users for specifics related to bot users on your private BSR server.
Admin
- Can modify organization settings, such as base resource roles.
- Can add and delete resources such as repositories and plugins.
- Can manage user roles, except owners.
Owner
- Users that require unrestricted access to the organization, its settings, and all resources owned by the organization.
- Can add and delete resources such as repositories and plugins.
- Can delete organization. All resources such as repositories and plugins must be deleted before the organization can be deleted.
You can also assign more granular member rights ("Read", "Limited Write", "Write", "Admin") on BSR repositories. For more information see the repository documentation.
Base resource roles
Base roles apply to all members of the organization. The base role can be elevated individually for the organization members, and outside collaborators can be added with an arbitrary role. Every organization has a set of base resource roles that apply to all members of the organization. The default roles:
| Repository |
|---|
| Write |
Organization owners can modify the base resource roles depending on the requirements of the organization. These roles are configurable on the organization settings page.
Base repository role
Read: Can read the repository and import it as a dependency.Limited Write: Can write to non-default labels. Can't write to the default label.Write: Can create and write to repositories, such as by pushing new content or creating labels.Admin: Can administer the repository, including managing access, updating settings like visibility status, and deleting the repository.
Related docs
- Learn about commits and labels