Lybic Docs
Organization Management

Understanding Roles

Role-based permissions in organizations

Roles define what members can do within your organization. Lybic uses a three-tier role system to balance collaboration and security.

Available Roles

Owner

The Owner role has full administrative control over the organization:

Permissions:

  • Manage billing and subscription plans
  • Purchase packages and view orders
  • Add and remove members
  • Change member roles
  • Create and delete sandboxes
  • Create and delete projects
  • Manage API keys

Use Cases:

  • Organization founders
  • Primary administrators
  • Financial decision-makers

Admin

The Admin role can manage the organization but not billing:

Permissions:

  • Add and remove members
  • Change member roles (including to Owner)
  • Create and delete sandboxes
  • Create and delete projects
  • Manage API keys
  • View organization resources

Restrictions:

  • Cannot manage billing or plans

Use Cases:

  • Team leads
  • Technical administrators
  • Trusted senior members

Member

The Member role can use organization resources but not manage them:

Permissions:

  • Create sandboxes
  • Create projects
  • Use organization's packages
  • View organization resources

Restrictions:

  • Cannot add or remove members
  • Cannot change member roles
  • Cannot manage billing
  • Cannot manage API keys
  • Cannot delete organization resources created by others

Use Cases:

  • Regular team members
  • Developers
  • Contributors

Role Hierarchy

The role hierarchy from highest to lowest:

  1. Owner - Full control
  2. Admin - Management without billing
  3. Member - Resource usage only

Higher roles inherit all permissions from lower roles.

Role Assignment Guidelines

Choosing the Right Role

Assign Owner when:

  • User needs to manage billing
  • User is responsible for organization finances
  • User is the primary organization administrator

Assign Admin when:

  • User needs to manage team members
  • User is a technical lead or manager
  • User needs to configure organization settings

Assign Member when:

  • User only needs to create and use resources
  • User is a regular contributor
  • User doesn't need management permissions

Multiple Owners

Organizations can have multiple Owners. This is useful for:

  • Distributing administrative responsibilities
  • Ensuring continuity if one Owner leaves
  • Separating financial and technical administration

Permission Boundaries

What Roles Cannot Override

Regardless of role, members cannot:

  • Access another user's personal account settings
  • Modify resources without proper organization-level permissions
  • Bypass organization package limits
  • Access other organizations' data

Resource Ownership

Resources (sandboxes, projects) belong to the organization, not individual members. This means:

  • All members can view organization resources
  • Permissions to modify resources depend on role
  • Resources persist even if the creator leaves

Managing Members

Add, remove, and manage organization members

Plan & Packages

Understanding Lybic's plans and packages system

On this page

Available RolesOwnerAdminMemberRole HierarchyRole Assignment GuidelinesChoosing the Right RoleMultiple OwnersPermission BoundariesWhat Roles Cannot OverrideResource Ownership