Access Roles
APIContext uses five project-level roles to control what members can see and change. Roles are assigned per-project — a user can be an EDITOR on one project and a VIEWER on another.
Role capabilities
| Capability | OWNER | MANAGER | EDITOR | ANALYST | VIEWER |
|---|---|---|---|---|---|
| View monitors and results | ✓ | ✓ | ✓ | ✓ | ✓ |
| Run monitors on demand | ✓ | ✓ | ✓ | ✓ | |
| Create / edit monitors | ✓ | ✓ | ✓ | ||
| Configure Monitor Authentication | ✓ | ✓ | ✓ | ||
| Configure alerts and webhooks | ✓ | ✓ | ✓ | ||
| Manage schedules | ✓ | ✓ | ✓ | ||
| Manage project settings | ✓ | ✓ | |||
| Invite / remove project members | ✓ | ✓ | |||
| Transfer project ownership | ✓ | ||||
| Delete the project | ✓ |
Role descriptions
OWNER — Full control. There is always exactly one OWNER per project; ownership can be transferred to another member.
MANAGER — Can do everything an EDITOR can do, plus manage project settings and membership. Cannot delete the project or transfer ownership.
EDITOR — The standard operational role. Creates and edits monitors, manages authentications, configures alerts. Monitor Authentication setup requires at least EDITOR.
ANALYST — Read + run access. Can trigger on-demand monitor runs and access all results and analytics, but cannot create or modify monitors.
VIEWER — Read-only access. Can view monitors, results, and dashboards, but cannot trigger runs or modify anything.
Monitor Authentication and roles
Configuring Monitor Authentication (OAuth tokens, API keys, signing certificates) requires EDITOR or higher. This ensures that credentials are only added or modified by users with write access to the monitors that use them.
Inviting a user to a project
See Invite a user to join a project for step-by-step instructions.