/
Contact usSee pricingStart building

    Management

    API keys
    Redirect urls
    Event logs
    Dashboard roles & permissions
    Webhooks

    Programmatic Workspace Actions

    Overview
    Limits
    Email templates
      Email template object
      Sender information object
      Prebuilt customization object
      Custom HTML customization object
      Create email template
      Get email template
      Get all email templates
      Update email template
      Delete email template
    Projects
      Project object
      Create project
      Get project
      Get all projects
      Update project
      Delete project
    Project metrics
      Metrics object
      Get project metrics
    JWT templates
      JWT template object
      Get JWT templates
      Set JWT templates
    Password strength config
      Password strength config object
      Get password strength config
      Set password strength config
    Public tokens
      Public token object
      Create public token
      Get all public tokens
      Delete public tokens
    RBAC policy
      Policy object
      Role object
      Permission object
      Resource object
      Get RBAC policy
      Set RBAC policy
    Redirect URLs
      Redirect URL object
      URL type object
      Create redirect URL
      Get redirect URL
      Get all redirect URLs
      Update redirect URL
      Delete redirect URL
    SDK config
      SMSAutofillMetadata object
      ConsumerSDKBasicConfig object
      ConsumerSDKSessionsConfig object
      ConsumerSDKMagicLinksConfig object
      ConsumerSDKOTPsConfig object
      ConsumerSDKOAuthConfig object
      ConsumerSDKTOTPsConfig object
      ConsumerSDKWebauthnConfig object
      ConsumerSDKCryptoWalletsConfig object
      ConsumerSDKDFPPAConfig object
      ConsumerSDKBiometricsConfig object
      ConsumerSDPasswordsConfig object
      ConsumerConfig object
      B2BSDKBasicConfig object
      B2BSDKSessionsConfig object
      B2BSDKMagicLinksConfig object
      B2BSDKOTPsConfig object
      B2BSDKOAuthConfig object
      B2BSDKTOTPsConfig object
      B2BSDKSSOConfig object
      B2BSDKPasswordsConfig object
      B2BConfig object
      Get Consumer SDK config
      Set Consumer SDK config
      Get B2B SDK config
      Set B2B SDK config
    Secrets
      Secret object
      CreatedSecret object
      Create secret
      Get secret
      Get all secrets
      Delete secret
Get support on SlackVisit our developer forum

Contact us

Home

/

Workspace management

/

Management

/

Dashboard roles & permissions

Dashboard Roles & Permissions

Roles Overview

Stytch's dashboard can be used for managing your integration configuration, debugging via event logs and DFP analytics, or performing customer support actions like resetting passwords.

To support this range of use cases, Stytch offers the following user roles in our dashboard:

  • Admin: Able to perform all actions across the dashboard, including managing Live API Keys.
  • Developer: Able to manage project configurations, as well as write access to all core entities. Can view and create API Keys in Test, but not in Live.
  • Support Manager: Read access to project configurations and event logs, and write access to project Users, Members, Organizations (including managing SSO and SCIM Connections) and Device Fingerprinting rules.
  • Support Agent: Read access to project Users, Members, Organizations and event logs. Able to take non-destructive write actions on Users/Members, such as resetting passwords and revoking sessions.
  • No Access: No functional access within the dashboard, can view project names and workspace members. Can be used to provision users without yet granting them a higher privilege role.

If you enable Just-in-Time (JIT) Provisioning to allow users from a specific email domain (i.e. stytch.com) to discover and join your workspace without an explicit invite those users will be assigned the Support Agent role by default. You can override this default by configuring an automatic role assignment for the email domain, which will apply to all workspace members with verified emails from that domain.

Detailed Permissions

AdminDeveloperSupport ManagerSupport AgentNo Access
Manage Workspace Members✅
Manage Workspace Settings✅
Manage Workspace Billing✅
Manage Live API Keys✅
Manage Test API Keys✅✅
Create Projects✅✅
Delete Projects✅
Manage Project Configurations✅✅
View Project Configurations✅✅✅
Manage M2M Clients✅✅
View M2M Clients✅✅✅
Manage Users, Members and Organizations✅✅✅
View Users, Members and Organizations✅✅✅✅
Impersonate Users and Members✅✅✅
Manage DFP Rules✅✅✅
View DFP Rules✅✅✅✅
View DFP Analytics✅✅✅✅
View Event Logs✅✅✅✅
Trigger Password Resets✅✅✅✅
Revoke Sessions✅✅✅✅
Reactivate Emails✅✅✅✅

Roles Overview

Detailed Permissions