User Roles and Permissions
BEEM uses role-based access control (RBAC) with three workspace-level roles. A single user can hold different roles across multiple workspaces.
The Three Roles
Organization Admin
- Full access to everything in the workspace
- Manage members: invite, change roles, remove
- Manage connections and integrations
- Manage organization settings
- Create, edit, and delete all objects (datasets, dashboards, flows)
Editor
- Create and edit datasets, dashboards, and flows
- Cannot manage members, connections, or organization settings
Viewer
- Read-only access to dashboards and datasets
- Can use AI Insights to ask questions
- Cannot create, edit, or delete anything
- Go to Members in the left sidebar
- See all workspace members and their assigned roles
- Click Add Member
- Enter the email address
- Select the role from the dropdown: Organization Admin, Editor, or Viewer
- Click Add
- Go to Members
- Find the user in the list
- Click the role dropdown next to their name
- Select the new role
- The change takes effect immediately
| Capability | Organization Admin | Editor | Viewer |
|---|---|---|---|
| View dashboards and data | Yes | Yes | Yes |
| Use AI Insights | Yes | Yes | Yes |
| Create/edit datasets | Yes | Yes | No |
| Create/edit dashboards | Yes | Yes | No |
| Create/edit flows | Yes | Yes | No |
| Manage members | Yes | No | No |
| Manage connections | Yes | No | No |
| Organization settings | Yes | No | No |
- Give Viewer access to stakeholders who only need to see dashboards
- Use Editor for analysts who build datasets and reports
- Limit Organization Admin to the people who manage the workspace and connections
- Remember that connections are organization-level, shared across all workspaces