Access control

Choose the right identity for account-scoped and user-scoped workflows.

View as Markdown

Access control in the platform depends on two things: the credentials used to make the request, and the access available to those credentials.

Integrations should authenticate with account credentials or user credentials. Do not use username and password authentication for customer integrations.

Credential scope

Credential typeScopeUse when
Account credentialsA single account.You are automating account-scoped work such as data, model, configuration, or workspace operations.
User credentialsThe organisations and accounts available to the user who created the credentials.You need user-level attribution, user-scoped access, or administrative automation.

Scope determines where a request can act. Roles and permissions determine what the credentials can do within that scope.

Roles are visible and assignable, but role and permission management is not yet fully exposed. You can retrieve available roles and assign role IDs when inviting users.

Choose the right credentials

Use account credentials for production automation that only needs one account. This is the safest default for backend services, scheduled workflows, and account-scoped integrations.

Use user credentials when a workflow needs to act as a specific user. This is appropriate for user-attributed actions, administrative workflows, or workflows that need access across the organisations and accounts available to that user.

When in doubt, start with account credentials and move to user credentials only when the workflow genuinely needs user-level access.

Administration workflows

Some administration workflows are account-scoped. For example, users are retrieved and invited within the active account, and inviting a user requires one or more role IDs.

Other workflows require a user identity. Current-user profile and settings endpoints require a user principal, so they are not suitable for account credentials.