Manage Team Access
CodeStax uses a role-based access control (RBAC) system. Organization owners and admins can invite team members, assign roles, and control who can scan, configure, and manage the platform.
Role Hierarchy
Inviting Team Members
Permissions Matrix
| Action | Viewer | Member | Org Admin | Org Owner |
|---|---|---|---|---|
| View scan results | Yes | Yes | Yes | Yes |
| View dashboards and reports | Yes | Yes | Yes | Yes |
| Trigger scans | No | Yes | Yes | Yes |
| Use AI fixes | No | Yes | Yes | Yes |
| Connect repositories | No | Yes | Yes | Yes |
| Configure policies | No | No | Yes | Yes |
| Manage integrations | No | No | Yes | Yes |
| Invite/remove members | No | No | Yes | Yes |
| Change member roles | No | No | Yes | Yes |
| Manage billing | No | No | No | Yes |
| Delete organization | No | No | No | Yes |
Role Assignment Guidelines
Choosing the right role for each team member:
| Team Role | Recommended CodeStax Role | Why |
|---|---|---|
| Software Developer | Member | Can scan their code and apply fixes, but can’t change org-wide settings |
| Tech Lead / Senior Dev | Org Admin | Needs to configure policies, quality gates, and manage team settings |
| Security Engineer | Org Admin | Needs full access to policies, compliance reports, and all scan results |
| Engineering Manager | Viewer or Org Admin | Viewer for oversight, Admin if they manage security processes |
| Product Manager / Stakeholder | Viewer | Read-only access to dashboards and reports is sufficient |
| CTO / VP Engineering | Org Owner | Needs billing access and full organizational control |
Managing Existing Members
Changing Roles
- Navigate to Settings → Members
- Find the member in the list
- Click the role dropdown next to their name
- Select the new role
- Changes take effect immediately
Removing Members
- Navigate to Settings → Members
- Find the member you want to remove
- Click the remove button (trash icon)
- Confirm the removal
Removed members immediately lose access to all organization data, scans, and repositories.
Reviewing Activity
For compliance and oversight, use the audit log to track team activity:
- Navigate to Settings → Audit Log
- Filter by user, action type, or date range
- Review who triggered scans, changed policies, or modified team membership
The audit log is immutable and retained according to your plan’s data retention policy.
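A periodic access review can combine the permissions matrix with audit-log activity to find members whose role is higher than their activity requires. The following is an added example, not CodeStax code: the `(user, action)` record shape, the sample roster and the finding names are assumptions, and the action names are transcribed from the matrix on this page.

```python
# Added example, not CodeStax code: least-privilege review of a member roster.
ROLES = ["Viewer", "Member", "Org Admin", "Org Owner"]  # least to most privileged

# Lowest role allowed to perform each action, transcribed from the permissions matrix.
MIN_ROLE = {
    "View scan results": "Viewer",
    "View dashboards and reports": "Viewer",
    "Trigger scans": "Member",
    "Use AI fixes": "Member",
    "Connect repositories": "Member",
    "Configure policies": "Org Admin",
    "Manage integrations": "Org Admin",
    "Invite/remove members": "Org Admin",
    "Change member roles": "Org Admin",
    "Manage billing": "Org Owner",
    "Delete organization": "Org Owner",
}

def rank(role):
    return ROLES.index(role)

def review(members, events):
    """Return (user, finding, detail) tuples that are candidates for manual review."""
    used, findings = {}, []
    for user, action in events:
        if action not in MIN_ROLE:  # audit logs may record actions the matrix omits
            findings.append((user, "unmapped-action", action))
            continue
        used.setdefault(user, set()).add(action)
        role = members.get(user)
        if role is None:  # actor is not (or no longer) on the roster
            findings.append((user, "not-in-roster", action))
        elif rank(role) < rank(MIN_ROLE[action]):  # current role is below the matrix minimum
            findings.append((user, "exceeds-role", action))
    for user, role in sorted(members.items()):
        # Lowest role that covers everything the user did; Viewer if inactive.
        needed = max((MIN_ROLE[a] for a in used.get(user, ())), key=rank, default="Viewer")
        if rank(needed) < rank(role):
            findings.append((user, "over-privileged", f"{role} -> {needed}"))
    return findings

# Constructed sample data; names and record shape are assumptions, not a CodeStax export.
MEMBERS = {"alice": "Org Owner", "bob": "Org Admin", "carol": "Member", "dave": "Viewer"}
EVENTS = [("alice", "Manage billing"), ("bob", "Trigger scans"),
          ("bob", "View scan results"), ("carol", "Connect repositories"),
          ("dave", "Trigger scans")]
```

Findings are candidates for review, not automatic changes: an Org Owner with no billing activity in the review window is flagged too, and an `exceeds-role` entry can simply mean the member's role was lowered after the event.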
Plan Limits
Team size limits depend on your subscription plan:
| Plan | Max Members |
|---|---|
| Free | 1 |
| Growth | 50 |
| Pro | Unlimited |
| Enterprise | Unlimited |
If you’ve reached your plan’s member limit, you’ll need to upgrade before inviting additional members. See Plans & Billing for details.
Related Guides
- Your First Day with CodeStax — Initial setup including team invitations
- Set Up Quality Gates — Configure policies that apply to all team members
- Generate Compliance Reports — Demonstrate access controls to auditors