# Roles & Permissions

The Roles & Permissions tab defines how collaborators interact with project resources, including devices, Functions, and storage actions. 

{% hint style="info" %}
A resource is any project component that can be viewed, created, modified, or deleted. This includes devices, Functions, or storage actions within your project.
{% endhint %}

Qubitro provides three default roles—Read-Only, Read/Write, and Admin—each granting a different level of access.

{% hint style="success" %}
If your plan or organization settings allow for custom roles, you can define additional role types with more granular permissions.
{% endhint %}

### Default Roles

#### Read-Only

Users can view resources but cannot create, modify, or delete them.

{% hint style="info" %}
**Examples**

• They can see device details but cannot rename or delete the device.

• They can view existing Functions but cannot edit or create them.
{% endhint %}

#### Read/Write

Users can create and modify resources but cannot delete them.

{% hint style="info" %}
**Examples**

• They can add new devices or edit existing Functions but cannot delete them.

• They can view or download stored data but cannot permanently delete storage entries.
{% endhint %}

#### Admin

Users have full control over all resources, including creation, modification, and deletion, plus access management.

{% hint style="info" %}
**Examples**

• They can remove devices or Functions from the project.

• They can invite or remove collaborators and manage roles.
{% endhint %}

### Roles Reference

<table><thead><tr><th width="228"></th><th align="center">Read-Only</th><th align="center">Read/Write</th><th align="center">Admin</th></tr></thead><tbody><tr><td>View Resources</td><td align="center">✅</td><td align="center">✅</td><td align="center">✅</td></tr><tr><td>Modify Resources</td><td align="center">❌</td><td align="center">✅</td><td align="center">✅</td></tr><tr><td>Create Resources</td><td align="center">❌</td><td align="center">✅</td><td align="center">✅</td></tr><tr><td>Delete Resources</td><td align="center">❌</td><td align="center">❌</td><td align="center">✅</td></tr><tr><td>Access Management</td><td align="center">❌</td><td align="center">❌</td><td align="center">✅</td></tr></tbody></table>

***

### Custom Roles

Custom roles allow Organizations to define more specific access controls for project-level resources. You can customize which actions are allowed, such as creating dashboards, editing environment variables, or inviting collaborators.

{% hint style="warning" %}
Custom roles are available only for **Organizations** and must be created in the **Organization Settings**.
{% endhint %}

Once created, custom roles can be assigned to collaborators through the **Access Management** tab of each project.

{% content-ref url="../../organizations/custom-roles" %}
[custom-roles](https://docs.qubitro.com/organizations/custom-roles)
{% endcontent-ref %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.qubitro.com/platform/project/roles-and-permissions.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.