API Hub Feature-Specific Roles and Permissions

This page provides an overview of roles and permissions for each API Hub feature, including API Hub for Portal, Design, Explore, Contract Testing, and Test. It details how administrators can manage user access and responsibilities. Each feature has unique role-based access controls (RBAC). Links to relevant documentation are included for in-depth guidance.

The following roles and permissions in the solution interface can be set and managed. Refer to Adding and Managing Users for more information.

API Hub for Design

API Hub for Design offers a robust user management framework for user permissions.

  • You can manage roles using the user interface (UI) or the User Management API.

  • Set access at the organization, project, and API levels, ensuring each user has the minimum required access.

  • Administrators can manage roles in bulk, which is ideal for large teams or dynamic projects.

Table 3. Design Roles and Permissions

Role | Role Permissions
--- | ---
Owner | Invite Org Members, Change Access and Roles; Create and Modify Projects; Create Teams; Modify Team Members and Resources; Create Resource; Edit Resources and Make a resource public; View, Delete, and Share Resources; Comment on Resource Billing and Subscriptions; Standardization - full access to controls; Set Up Integrations
Admin | A team admin can manage the team members: add, remove, or change roles (between admin or member). The admin can also update the team description and delete the team. However, administrators cannot assign the team to resources; this is limited to Owners.
Designer (Edit) | Create Resource; Edit Resource; Make a resource public (when the setting is ENABLED); View, Delete, and Share Resources (ORG Designers only - when the setting is ENABLED); Comment on Resource
Designer (resource level) | Edit Resource; Make a resource public (when the setting is ENABLED); View and Comment on Resource
Consumer (View / Comment) | View and Comment on Resource (when the setting is ENABLED)
Consumer (resource level) | View and Comment on Resource (when the setting is ENABLED)



Roles and Permissions in API Hub for Design

Access for Users with No Role 

Users without specific roles can still access API Hub for Design to view public APIs and organization domains.

API Hub for Design owners can assign users to the API or domain. The User role is intended to work in conjunction with team assignments and, therefore, has managed team permissions (rather than manage permissions) for all resources associated with a team. The User role should be assigned to all developers, testers, and levels.

Collaborators 

Collaborators are users without an assigned subscription who have one or more resource-level role assignments.

Multiple Roles 

Users can hold multiple roles across different levels and resources. Refer to the Design Documentation for information on Resource Roles.

API Hub for Portal

API Hub for Portal leverages API Hub for Design’s user management controls to streamline the admin experience with the available Portal-specific role assignments. Refer to Role Management for more information on the various roles and access.

Table 4. Portal User Roles and Permissions

Role | Role Permissions
--- | ---
Organization-level owner | Assign roles. Delete products and portals. Use “access requests” feature. All designer permissions.
Organization-level designer (or owner) | Edit and publish content in all products. Create products. All consumer permissions.
Organization-level consumer | View all private products
Portal Product Designer | Edit and publish content in a product
Portal Product Consumer | View product
No role required | Access the landing page, view, and search public products.



API Hub for Explore

In Explore, permissions can be set at the project level. Refer to Managing Your Account.

Table 5. Explore Roles and Permissions

Roles | Permissions
--- | ---
Admin | Can edit endpoints and tests and manage collaborators
Editor | Can edit endpoints and test and invite collaborators
Viewer | Can view endpoints and run tests



API Hub for Contract Testing

Contract Testing includes predefined roles and supports customizable roles to meet organizational needs. Permissions are managed in the admin area of API Hub for Contract Testing. Refer to the Contract Testing documentation for more information on Permissions.

Table 6. Contract Testing Roles and Permissions

Roles | Permissions
--- | ---
Administrator | For users who manage the contract, user, and platform-related configuration.
Organization Administrator | An administrator with no API or contract data access. Does not consume a paid seat.
Team Administrator | For users who manage specific teams.
User | All new users are assigned the User role (unless the default role has been updated in the system preferences). The User role is intended to work in conjunction with team assignments and, therefore, has managed team permissions (rather than manage permissions) for all resources associated with a team. The User role should be assigned to all developers, testers, and other users who create and verify contracts on the PactFlow platform. Refer to User for more information on user roles and capabilities.
CI/CD | For system accounts that query and publish contract data from CI/CD pipelines.
Viewer | For users who should not modify any contract-related data.
Guest | A read-only user with no API access. A user with the Guest role can only view contract-related data through the UI.
API Hub for Design | Read-only user for the Design integration.
SCIM | For the System Account used by the PactFlow SCIM API.



API Hub for Test

API Hub for Test allows administrators to assign user roles to control access and permissions. Permissions are managed directly in the feature's admin pages, ensuring users have the appropriate level of access for their tasks. Refer to the API Hub for Test documentation for more information.

Table 7. Test Roles and Permissions

Roles | Permissions
--- | ---
Read-Only | Read-only users can view test results and receive email notifications but cannot create, edit, or delete tests.
Editor | This is for users who create and run tests and suites. Editors can also create and modify variables.
Administrator | Administrators can manage the account subscription plan, view the invoice history, edit the current payment method, and manage other Administrator users.


