Members and roles
Give members exact permissions with Organization roles and resource scopes.
An Organization role is a reusable set of fixed permissions and explicit scopes. A member can hold several roles; effective access is the union of their valid grants.
Assign access
- Open Settings → Access. The page shows Organization roles that grant access to this Backend and links to Organization members and All Organization roles.
- In the Organization role editor, choose fixed permissions from Jetrepo’s catalogue.
- Set every required scope to All or Selected, then assign one or more roles to the member.
- Test both an allowed action and an out-of-scope action. Navigation visibility is not an authorization test.
Viewing this Backend page uses backend.read and ac.read. Role creation, changes, and deletion use ac.create, ac.update, and ac.delete. Membership actions use member.create, member.update, or member.delete; invitations use invitation.create or invitation.cancel.
Scope rules
| Scope | Limits |
|---|---|
| Backend | The top-level content and delivery boundary |
| Data Type | Selected Content or Asset types |
| Locale | Localized reads or edits for actions that support it |
| Vocabulary | Selected Taxonomy Vocabularies |
One role must contain both the permission and a scope matching the target. Missing or malformed required scope denies the action. There are no deny rules, role ranks, precedence rules, or direct-user exceptions.
The protected admin role grants the fixed catalogue. basic_member has only access-control read compatibility and no broad CMS grant.