Team & Access Rights
Goal: Bring teammates into the workshop and give each the right access.
OpenX is for teams and teams-to-be. Start solo, add teammates as the work grows. Each gets a role, and you can scope access to the whole workshop or a single surface.
Roles
| Role | Can do |
|---|---|
| Admin | Everything - invite, edit, delete, manage roles |
| Editor | Create and modify connections, surfaces, warm queries |
| Viewer | View data and run existing queries; cannot modify |
New teammates default to Viewer. Editors propose changes that go through review (see Team Review & Access Rights).
Invite a teammate
Workspace -> Team Members, enter an email, Invite. They accept a link and appear in your team list. Invitations expire after 7 days.
Team changes are reviewed actions too - an agent can surface the intent, but invites and role changes are confirmed by an Admin in the portal.
Ask Azi: "Invite sarah@yourteam.com as an Editor." She sets it up for an Admin to confirm.
Scope access
| Level | Use for |
|---|---|
| Workshop | Most teammates - one role across everything |
| Surface | Contractors / partners - access to just one surface (overrides, more restrictive) |
Change a role
Find the teammate, click their role, pick the new one, confirm. Every change is recorded with who made it. Keep Admins few; prefer least access; review periodically. Teams can also sign in through their own identity provider (SAML/OIDC) and map groups to OpenX roles.
Go deeper
- The full role matrix and role-change records -> Permissions
- Sending, tracking, and revoking invites -> Inviting Members
- The access model, SSO, and your own cloud -> User Management
Next steps
- How proposals get reviewed -> Team Review & Access Rights
- Tokens and secrets -> Security