Roles and permissions
Uniform gives you the ability to control who can use specific components and how they can be used. This is configured using role-based permissions.
Roles are defined at the team level, but are assigned to users on a per-project basis. This means that a user may be assigned a certain role on one project and a different role on another project.
Permissions are assigned to components by role. This means that if two users are assigned to different roles in the project, they may have different permissions on each component in the project.
About access control#
Uniform functionality is always performed by either a user or an API key. Therefore, access control is applied to users and API keys.
- Access control is set on the project level. This enables a specific user or API key to be granted permissions on a per-project basis.
- Access control is granted in one of two ways: roles or custom permissions.
- If roles are used, the permissions assigned role(s) are granted.
- If custom permissions are used, the custom permissions are granted.
Permissions#
Permissions are assigned to composition components or content types to control which roles can create different compositions or content entries. Custom permissions enable more granular control over access to composition components. After configuring users and roles, team administrators can navigate to a composition component in Canvas, choose the settings tab, and add role-based permissions to the component.
Roles#
Roles are a reusable collection of permissions that are defined on a team and are assigned to users and API keys for a project.
When a user is added to a project, multiple roles can be assigned to them. This allows to define very focused roles that can be combined to allow very specific access to projects.
Default roles#
The following roles are added to a team by default when the team is created: Developer, Editor, and Viewer.
The following sections describe the permissions for each role:
The Developer role has full access to all Uniform features and is designed for technical team members who need complete control over projects.
Permissions:
- Manage components, content types, and AI prompts
- Create, update, delete, and publish all content (compositions, entries, assets)
- Manage data sources, data types, project maps, and redirects
- Complete control over releases (create, update, delete, and launch)
- Create, update, and delete enrichments, intents & audiences, quirks, signals, and tests
- Publish manifests and read both draft and published content
The Editor role is designed for content creators and provides broad access to content management with limited administrative capabilities.
Permissions:
- Create, update, and delete content (compositions, entries, assets)
- Read both draft and published content
- Manage data sources, data types, project maps, and redirects
- Create and update releases (but cannot delete or launch them)
- Create, update, and delete enrichments, intents & audiences, quirks, signals, and tests
- Read draft content and published manifests
Limitations:
- Cannot manage components, content types, or AI prompts
- Cannot publish content or manifests
- Cannot delete or launch releases
The Viewer role provides read-only access across the platform and is ideal for stakeholders who need to review content without making changes.
Permissions:
- Read both draft and published content (compositions, entries, assets)
- Read published manifests and other platform content
- No create, update, delete, or publish capabilities
tip
Team admins can change or delete these roles. They're added for convenience and aren't required in order for Uniform to function.
Common tasks#
Assign composition permissions#
You are able to assign permissions on composition components to control which roles are able to create, edit, and delete certain kinds of compositions.
Use case
If you are building a site with sensitive pages, such as those with legal information, you might want to restrict the ability to create these kinds of pages to certain users.
Permissions must be assigned to a composition component to allow team members or APIs to work with compositions. Custom permissions can extend how permissions are applied. To grant Create and Read access to compositions, the user must also have "Manage Component Library" access. Also, if a role or API has read access to a composition that has been personalized, they will have read access to context elements.
In Experience > Components, open a component that's marked as a composition component.
Navigate to the tab CompositionSettings.
Turn off the option Use team permissions.
About this step
When this option is enabled, any user with permission Compositions Create can create compositions using the composition component. Disabling this option allows you to override this setting to prevent users from being able to use this composition component.
Click Add permissions to component button.
Select the role you want the permissions to be applied to.
Select the permissions you want to be applied:
Permission Description Read View compositions created using the component. Write Make changes to and publish compositions created using the component. Create Create new compositions using the component. Delete Delete compositions created using the component. Click OK.
Click Save to save the changes to the component.
Create role#
You create a new user by inviting the person to Uniform.
- In Uniform, navigate to Security > Roles.
- Click the red Add role button.
- Enter the role's name
- Select the permissions you want to assign.
- Click Add Role.
Delete role#
Deleting a role enables you to remove the role from your Uniform team.
- In Uniform, navigate to Security > Roles.
- Click the name of the role you want to delete.
- Click Delete Role.
- Click OK.
Update role#
Editing a role enables you to change the permissions for the role.
- In Uniform, navigate to Security > Roles.
- Click the name of the role you want to edit.
- Select the permissions you want to assign.
- Click Save.