Buf Schema Registry (BSR)

Manage repositories

You can decide who gets to see your repository by picking whether it's public or private. When you create one, you get to choose which one you want. A public repository can be seen by anyone on the internet. A private one, on the other hand, is only viewable by you, people you give permission to.

Private repositories

You can make an existing repository private by going to its Settings tab and select Change to private under Change visibility.

You get one free private repository with your Buf Schema Registry user account (not available for organizations you're a member of). If you need more private repositories for your user account, upgrade your Buf Schema Registry subscription from our Pricing Page page.

Once you've created a private repository, you can push modules to it using buf.

Note: You must sign in and have access to work with a private repository.

You can choose collaborators and manage their access to a private repository from that repository's Settings page. You can also toggle the repository's status between public and private.


Within your repository, you can give others access to push modules to your repository, and you can assign permissions. You can also view your repository tags and the associated modules.

Contributors and their role

A contributor is someone you want to give access to a repository. Once designated, they can push to your repository and import it as a dependency. Only contributors with admin access are allowed to perform any administrative tasks such as deleting the repository or adding other contributors.

You can also assign more granular contributors rights ("Read", "Limited Write", "Write", "Admin") on Buf Schema Registry repositories. For more information see the organizations documentation.

Permissions reference

Permissions are cumulative. For example, if you have Write permissions, you automatically have Read permissions:

  • Read Can read the repository, and import it as a dependency.
  • Limited Write Can write to non-main branches in the repository.
  • Write Can write to the repository, such as by pushing new content or creating tags.
  • Admin Can administer the repository, including managing access, updating settings like its visibility status and deleting the repository.

A user who hasn't verified their email address only has Read-only access to the repository, regardless of the rights their team membership has given them.