Roles & Access

Configure custom roles and fine-grained permissions for your team.

Overview

Role-Based Access Control (RBAC) lets you define custom roles with specific permissions. Control who can view, edit, and manage different parts of TuringPulse.

Accessing RBAC

Navigate to Admin → Roles & Access to manage roles.

Default Roles

TuringPulse includes these built-in roles:

RoleDescription
OwnerFull access including billing and org deletion
AdminManage team, projects, and all settings
MemberUse features, view data, limited config
ViewerRead-only access to data
ReviewerProcess governance reviews

Permission Categories

Operations

  • runs.read - View runs and traces
  • workflows.read - View workflows
  • workflows.write - Modify workflows
  • incidents.read - View incidents
  • incidents.write - Manage incidents

Analysis

  • evals.read - View evaluations
  • evals.write - Run evaluations
  • metrics.read - Access metrics explorer

Controls

  • kpis.read - View KPI rules
  • kpis.write - Manage KPI rules
  • drift.read - View drift rules
  • drift.write - Manage drift rules
  • anomalies.read - View anomaly rules
  • anomalies.write - Manage anomaly rules

Governance

  • hitl.read - View review queue
  • hitl.review - Process reviews
  • hitl.admin - Manage policies

Admin

  • users.read - View team members
  • users.write - Manage team
  • roles.read - View roles
  • roles.write - Manage roles
  • api_keys.view - View API keys
  • api_keys.manage - Create/revoke keys

Creating Custom Roles

  1. Click Create Role
  2. Enter role name and description
  3. Select permissions from the list
  4. Save the role

Assigning Roles

Assign roles to team members:

  1. Go to Admin → Team
  2. Click on a member
  3. Select their role
  4. Save changes

Project-Level Roles

Assign different roles per project:

  • Admin in Project A, Viewer in Project B
  • Useful for multi-team organizations
  • Project-level overrides org-level

Next Steps