Skip to Content

Teams: Role-Based Access Control

Teams are the primary mechanism for implementing role-based access control in APIGIT. Created within organizations, teams allow you to group members and assign permissions based on their roles or responsibilities.

Each organization supports three types of teams, arranged in a hierarchical structure:

Owner Team

The Owner Team sits at the top of the permission hierarchy:

  • Automatic Creation: Generated automatically when an organization is established
  • Initial Membership: The organization creator becomes the first member
  • Permanence: Cannot be deleted and must maintain at least one member
  • Access Level: Possesses full control over all organization repositories
  • Special Privileges: Can modify organization settings, manage teams, and adjust billing

Admin Teams

Admin Teams function as delegated administrators for specific areas:

  • Purpose: Created to manage specific repositories or functional areas
  • Access Level: Members have full administrative access to assigned repositories
  • Team Creation Rights: Members can create new teams within the organization
  • Repository Management: Can configure repository settings and access controls
  • Member Management: Can add or remove members from non-owner teams

General Teams

General Teams provide customizable, task-specific access:

  • Flexible Permissions: Customizable unit-level permissions (Code, Issues, Pull Requests)
  • Repository Scope: Can be limited to specific repositories or granted access to all
  • Creation Rights: Can be configured to allow or restrict repository creation
  • Operational Focus: Members perform day-to-day operations based on assigned permissions
  • Scalability: Ideal for project teams, functional groups, or departmental divisions

Managing Teams

Team Administration

To manage teams within an organization:

  1. Navigate to the organization’s detail page
  2. Switch to the “Teams” tab
  3. Use the interface to create new teams or modify existing ones

From this interface, you can:

  • Create teams with specific types and permission levels
  • Delete teams that are no longer needed
  • View team membership and repository access
  • Configure team settings and permission scopes

Organization Teams Management Screen

Team Configuration Best Practices

When configuring teams, consider these best practices:

  • Minimize Owner Team Size: Limit owner team membership to essential personnel
  • Use Admin Teams Strategically: Create admin teams for repository-specific management
  • Map Teams to Roles: Align general teams with functional roles in your organization
  • Review Regularly: Periodically audit team memberships and permissions
  • Implement Least Privilege: Grant only the permissions necessary for team members to perform their duties

Team Membership Management

After creating teams, you’ll need to manage their membership:

  1. Select the team you wish to modify
  2. Access the team’s member management interface
  3. Add colleagues from your subscription account
  4. Remove members who no longer require access

Remember that all team members must first be added as colleagues to your subscription account before they can be assigned to teams.

Last updated on