Team & Permissions
Manage team members, assign roles, and control who can access, configure, and deploy your agents.
Overview
Every Connic project supports multiple team members with role-based access control. Manage your team in Project Settings → Team. Each member is assigned a role that determines what they can see and do within the project.
Roles
Connic uses three roles with increasing levels of access:
| Role | Capabilities |
|---|---|
| Owner | Full access. Can delete the project and transfer ownership. Each project has exactly one owner. |
| Admin | Can edit project settings, manage team members, configure connectors, manage environments, manage billing, and deploy. Cannot delete the project. |
| Member | Can deploy agents, manage connectors, view runs and traces, trigger agents manually, and manage knowledge base content. Cannot access project settings or team management. |
Permission Matrix
A detailed breakdown of what each role can do:
| Action | Owner | Admin | Member |
|---|---|---|---|
| View agents & runs | |||
| View traces & logs | |||
| Trigger agents | |||
| Deploy | |||
| Manage connectors | |||
| Manage knowledge base | |||
| Edit project settings | |||
| Manage team members | |||
| Manage environments | |||
| Manage billing | |||
| Delete project |
Inviting Members
Owners and admins can invite new members to the project:
Enter Email
Type the email address of the person you want to invite.
Select Role
Choose the role to assign: Admin or Member. You can promote members later.
Send Invite
The invited person receives an email and sees the invitation in their Connic dashboard. They can accept or decline.
Managing Members
From the team settings page, owners and admins can:
- Change roles: Promote or demote members using the role dropdown next to their name (Owner role cannot be changed)
- Remove members: Remove a member from the project (you cannot remove yourself or the project owner)
- Cancel invites: Withdraw pending invitations that have not been accepted yet
API Key Permissions
In addition to team roles, Connic provides a separate permission model for API keys that controls programmatic access to the REST API. While team roles govern what members can do in the dashboard, API key permissions govern what automated requests are allowed to do.
When creating an API key in Project Settings → CLI / API Keys, you can choose between Full Access (unrestricted) or use the permission picker to grant read and/or write access per API section:
- Sections map to API endpoint groups:
agents,runs,knowledge,judges,budgets,audit-logs,deployments readallows GET requests,writeallows POST, PUT, PATCH, and DELETE- Check All sections (*) to grant access across all current and future endpoints
- Keys with Full Access enabled have no restrictions (the default)
See the REST API docs for full details on authentication, rate limiting, and available endpoints.
Audit Log
All changes made by team members are tracked in the project's audit log, accessible from Project Settings → Audit Log. The audit log records:
- Who performed the action and when
- What was changed (with before and after values)
- The action category (project, deployment, connector, environment, variable, API key, billing, member, invite, Git)
Use the filters to narrow the log by time range, action type, or specific user. Retention period depends on your subscription.
Project Ownership
Each project has exactly one owner. Ownership cannot be transferred through the team settings UI. If you need to change the project owner, contact Connic support.