grafana/docs/sources/permissions/organization_roles.md

+++
title = "Organization roles"
description = "Grafana organization roles guide "
keywords = ["grafana", "configuration", "documentation", "organization", "roles", "permissions"]
type = "docs"
[menu.docs]
name = "Organization Roles"
identifier = "organization-roles"
parent = "permissions"
weight = 30
+++

# Organization roles

Users can belong to one or more organizations. A user's organization membership is tied to a role that defines what the user is allowed to do
in that organization.

## Admin role

Can do everything scoped to the organization. For example:

- Can add, edit, and delete data sources.
- Can add and edit users and teams in organizations.
- Can add, edit, and delete folders.
- Can configure app plugins and organization settings.
- Can do everything allowed by the Editor role.

## Editor role

- Can view, add, and edit dashboards, panels, and alert rules in dashboards they have access to. This can be disabled on specific folders and dashboards.
- Can create, update, or delete playlists.
- Can access Explore.
- Cannot add, edit, or delete data sources.
- Cannot add, edit, or delete alert notification channels.
- Cannot manage other organizations, users, and teams.

This role can be tweaked via Grafana server setting [editors_can_admin]({{< relref "../administration/configuration.md#editors_can_admin" >}}). If you set this to `true`, then users
with the Editor role can also administrate dashboards, folders and teams they create. This is especially useful for enabling self-organizing teams to administer their own dashboards.

## Viewer role

- Can view any dashboard they have access to. This can be disabled on specific folders and dashboards.
- Cannot add, edit, or delete data sources.
- Cannot add, edit, or delete dashboards or panels.
- Cannot create, update, or delete playlists.
- Cannot add, edit, or delete alert notification channels.
- Cannot access Explore.
- Cannot manage other organizations, users, and teams.

This role can be tweaked via Grafana server setting [viewers_can_edit]({{< relref "../administration/configuration.md#viewers-can-edit" >}}). If you set this to `true`, then users
with the Viewer role can also make transient dashboard edits, meaning they can modify panels and queries but not save the changes (nor create new dashboards).
This is especially useful for public Grafana installations where you want anonymous users to be able to edit panels and queries but not save or create new dashboards.
restructure administration/permissions page into a section with sub pages 2018-10-30 12:43:54 -05:00			`+++`
Docs: Update organization_roles.md (#25912) * Update organization_roles.md * Update docs/sources/permissions/organization_roles.md Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2020-07-01 11:08:46 -05:00			`title = "Organization roles"`
			`description = "Grafana organization roles guide "`
restructure administration/permissions page into a section with sub pages 2018-10-30 12:43:54 -05:00			`keywords = ["grafana", "configuration", "documentation", "organization", "roles", "permissions"]`
			`type = "docs"`
			`[menu.docs]`
			`name = "Organization Roles"`
			`identifier = "organization-roles"`
			`parent = "permissions"`
Add docs for user management (#24277) * Add docs for user management * WIP 2020-05-08 10:33:59 -05:00			`weight = 30`
restructure administration/permissions page into a section with sub pages 2018-10-30 12:43:54 -05:00			`+++`

Docs: Update organization_roles.md (#25912) * Update organization_roles.md * Update docs/sources/permissions/organization_roles.md Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2020-07-01 11:08:46 -05:00			`# Organization roles`
restructure administration/permissions page into a section with sub pages 2018-10-30 12:43:54 -05:00
Docs: Overcoming Grammatical errors (#22707) * correcting line 15 one typo needs correction * Update docs/sources/permissions/organization_roles.md Co-Authored-By: Peter Holmberg <peterholmberg@users.noreply.github.com> Co-authored-by: Peter Holmberg <peterholmberg@users.noreply.github.com> 2020-03-11 02:41:30 -05:00			`Users can belong to one or more organizations. A user's organization membership is tied to a role that defines what the user is allowed to do`
restructure administration/permissions page into a section with sub pages 2018-10-30 12:43:54 -05:00			`in that organization.`

Docs: Update organization_roles.md (#25912) * Update organization_roles.md * Update docs/sources/permissions/organization_roles.md Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2020-07-01 11:08:46 -05:00			`## Admin role`
restructure administration/permissions page into a section with sub pages 2018-10-30 12:43:54 -05:00
			`Can do everything scoped to the organization. For example:`

Docs: Update organization_roles.md (#25912) * Update organization_roles.md * Update docs/sources/permissions/organization_roles.md Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2020-07-01 11:08:46 -05:00			`- Can add, edit, and delete data sources.`
			`- Can add and edit users and teams in organizations.`
Docs: Added folder permission content (#26594) 2020-07-24 16:20:24 -05:00			`- Can add, edit, and delete folders.`
Docs: Update organization_roles.md (#25912) * Update organization_roles.md * Update docs/sources/permissions/organization_roles.md Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2020-07-01 11:08:46 -05:00			`- Can configure app plugins and organization settings.`
			`- Can do everything allowed by the Editor role.`
restructure administration/permissions page into a section with sub pages 2018-10-30 12:43:54 -05:00
Docs: Update organization_roles.md (#25912) * Update organization_roles.md * Update docs/sources/permissions/organization_roles.md Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2020-07-01 11:08:46 -05:00			`## Editor role`
restructure administration/permissions page into a section with sub pages 2018-10-30 12:43:54 -05:00
Docs: Update organization_roles.md (#25912) * Update organization_roles.md * Update docs/sources/permissions/organization_roles.md Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2020-07-01 11:08:46 -05:00			`- Can view, add, and edit dashboards, panels, and alert rules in dashboards they have access to. This can be disabled on specific folders and dashboards.`
			`- Can create, update, or delete playlists.`
			`- Can access Explore.`
			`- Cannot add, edit, or delete data sources.`
			`- Cannot add, edit, or delete alert notification channels.`
			`- Cannot manage other organizations, users, and teams.`
restructure administration/permissions page into a section with sub pages 2018-10-30 12:43:54 -05:00
Docs: Update organization_roles.md (#25912) * Update organization_roles.md * Update docs/sources/permissions/organization_roles.md Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2020-07-01 11:08:46 -05:00			This role can be tweaked via Grafana server setting [editors_can_admin]({{< relref "../administration/configuration.md#editors_can_admin" >}}). If you set this to `true`, then users
			`with the Editor role can also administrate dashboards, folders and teams they create. This is especially useful for enabling self-organizing teams to administer their own dashboards.`
docs: First take on describing feature toggle 2019-03-12 01:42:53 -05:00
Docs: Update organization_roles.md (#25912) * Update organization_roles.md * Update docs/sources/permissions/organization_roles.md Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2020-07-01 11:08:46 -05:00			`## Viewer role`
restructure administration/permissions page into a section with sub pages 2018-10-30 12:43:54 -05:00
Docs: Update organization_roles.md (#25912) * Update organization_roles.md * Update docs/sources/permissions/organization_roles.md Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2020-07-01 11:08:46 -05:00			`- Can view any dashboard they have access to. This can be disabled on specific folders and dashboards.`
			`- Cannot add, edit, or delete data sources.`
			`- Cannot add, edit, or delete dashboards or panels.`
			`- Cannot create, update, or delete playlists.`
			`- Cannot add, edit, or delete alert notification channels.`
			`- Cannot access Explore.`
			`- Cannot manage other organizations, users, and teams.`
restructure administration/permissions page into a section with sub pages 2018-10-30 12:43:54 -05:00
Docs: Update organization_roles.md (#25912) * Update organization_roles.md * Update docs/sources/permissions/organization_roles.md Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2020-07-01 11:08:46 -05:00			This role can be tweaked via Grafana server setting [viewers_can_edit]({{< relref "../administration/configuration.md#viewers-can-edit" >}}). If you set this to `true`, then users
			`with the Viewer role can also make transient dashboard edits, meaning they can modify panels and queries but not save the changes (nor create new dashboards).`
			`This is especially useful for public Grafana installations where you want anonymous users to be able to edit panels and queries but not save or create new dashboards.`