Permissions

Organization roles, API scopes, OAuth scopes, and public endpoint boundaries.

Permissions

RogerIQ uses different permission models for dashboard users, public API keys, OAuth installs, and public browser endpoints.

Organization Roles

RoleTypical use
OwnerBilling, organization settings, high-risk admin tasks.
AdminTeam setup, integrations, project settings, API keys.
AgentInbox work, replies, contacts, knowledge, normal support operations.
ViewerRead-only access where supported.

Public API Scopes

ScopeGrants
readRead public API resources.
writeMutate public API resources.
adminAdministrative API access where supported.

HolyDocs OAuth Scopes

ScopeGrants
readRead project resources.
writeMutating project resources.
kb:writeKnowledge article bulk upsert.
insights:readDoc gaps and analytics.
widget:writeWidget config and proactive trigger.

Public Browser Endpoints

Public forms, beacons, and widget endpoints do not use API keys. They are constrained by project IDs, visitor tokens, allowed origins, rate limits, secure identity, and spam controls.

Previous Architecture
Next Security
Ask a question... ⌘I