Heroku Team Permissions and Allowed Actions
Last updated 31 May 2019
A Heroku team is a logical grouping of people, spaces, apps, and pipelines. There are four roles a user can have in a team. A collab has access only to certain apps they’ve been explicitly granted. A viewer can view all people, apps, and pipelines in the team, but cannot change or add any of them. An admin implicitly has access to all app permissions on apps within the team.
| Role | Admin | Collab | Member |
|---|---|---|---|
| Team Resources | |||
| View apps | X | X | |
| Create apps | X | X | |
| Manage spaces | X | ||
| Manage pipelines | X | X | |
| View spaces | X | X | |
| Team Access | |||
| View | X | X | X |
| View users | X | X | |
| Manage users | X | ||
| View collaborators | X | X | |
| View invitations | X | X | |
| Manage invitations | X | ||
| View identity providers | X | X | |
| Manage identity providers | X | ||
| Team Configurations | |||
| Manage | X | ||
| View preferences | X | X | X |
| View features | X | X | X |
| Manage features | X | ||
| Manage preferences | X | ||
| View whitelist | X | X | X |
| Manage Whitelist | X | ||
| Manage Webhooks | X | ||
| Team Usage/Billing | |||
| View invoices | X | ||
| View licenses | X | ||
| View payments | X | ||
| Manage payments | X | ||
If you are an “admin” in a team you by default have all four app permissions (deploy, manage, operate and view).
Related Articles: