Role-Based Access Control (RBAC) provides comprehensive access management across the entire Requesty platform, ensuring users only see and access data appropriate to their organizational role and responsibilities.

Overview

RBAC forms the foundation of enterprise security by controlling what users can see and do across observability, API keys, analytics, logs, and all platform features. This ensures data isolation, security compliance, and appropriate access levels for different organizational roles.

What RBAC Controls

Data Visibility

Control which logs, analytics, and observability data users can access

API Key Management

Manage who can create, modify, and view different API keys

Platform Features

Control access to admin panels, settings, and enterprise features

User Isolation

Ensure users only see their own data unless granted broader permissions

Core RBAC Principles

Access Control Scope

Platform-Wide Coverage:
  • Observability dashboards and metrics
  • API key creation and management
  • Log viewing and analytics
  • User and group management
  • Billing and usage data
  • Administrative functions
Data Isolation:
  • Individual users see only their own data by default
  • Admins have organization-wide visibility
  • Role-based expansion of access permissions
  • Secure multi-tenant data separation

Current Role Types

Standard User Role

Default Access Level:
  • Personal Data Only: Users see logs, analytics, and metrics for their own API usage
  • Own API Keys: Can create, modify, and view their personal API keys
  • Limited Observability: Access to personal performance metrics and usage data
  • Basic Settings: Manage personal account settings and preferences
What Standard Users See:
  • Personal API request logs
  • Individual usage analytics
  • Own spending and limit information
  • Personal session data and context

Administrator Role

Organization-Wide Access:
  • All User Data: Complete visibility into organization logs, analytics, and metrics
  • Full API Key Management: Create, modify, and view all organization API keys
  • Complete Observability: Access to organization-wide performance and usage data
  • Administrative Functions: User management, group configuration, enterprise features
What Administrators See:
  • All organization API request logs
  • Organization-wide analytics and trends
  • All user spending and usage patterns
  • Complete audit trails and system metrics
  • Enterprise feature configuration panels

RBAC Implementation Across Features

Observability & Analytics

Personal Dashboard:
  • Individual API usage metrics
  • Personal request/response logs
  • Own performance analytics
  • Personal cost tracking
  • Individual error rates and patterns

API Key Management

Data Access Patterns

Standard User Data Flow:
  1. User authenticates with platform
  2. RBAC filters show only personal data
  3. API keys display user’s own keys only
  4. Analytics show individual usage patterns
  5. Logs contain only user’s API requests
Administrator Data Flow:
  1. Admin authenticates with elevated permissions
  2. RBAC grants organization-wide visibility
  3. All API keys and users visible
  4. Complete analytics and metrics access
  5. Full audit trail and system logs available
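
The two data flows above can be sketched as a server-side visibility filter. This is an added example, not Requesty's implementation: the role names, `Principal`, `LogRecord` and `visible_logs` are hypothetical, and the log records are constructed sample data.

```python
from dataclasses import dataclass

# Hypothetical role names modelled on the two roles this page describes.
STANDARD_USER = "standard_user"
ADMINISTRATOR = "administrator"


@dataclass(frozen=True)
class Principal:
    user_id: str
    org_id: str
    role: str


@dataclass(frozen=True)
class LogRecord:
    org_id: str
    owner_id: str  # user whose API key produced the request
    summary: str


def visible_logs(principal, records):
    """Return only the records the principal's role allows (deny by default)."""
    allowed = []
    for rec in records:
        # Tenant boundary first: no role crosses organizations.
        if rec.org_id != principal.org_id:
            continue
        if principal.role == ADMINISTRATOR:
            allowed.append(rec)  # organization-wide visibility
        elif principal.role == STANDARD_USER and rec.owner_id == principal.user_id:
            allowed.append(rec)  # personal data only
        # Any other role value matches no branch and sees nothing.
    return allowed


# Constructed sample data, including the same user id in a second tenant.
SAMPLE_LOGS = [
    LogRecord("org-a", "alice", "chat completion"),
    LogRecord("org-a", "bob", "embedding"),
    LogRecord("org-b", "alice", "chat completion"),
    LogRecord("org-b", "carol", "chat completion"),
]
```

The filter runs on the server against the authenticated principal, so the result does not depend on anything the client sends about its own role or user id.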

Security & Compliance Benefits

Data Protection

User Privacy:
  • Automatic data isolation between users
  • Personal information protected from other users
  • Individual usage patterns kept private
  • Secure separation of user contexts
Organization Security:
  • Administrative oversight with complete visibility
  • Audit trails for compliance requirements
  • Centralized security policy enforcement
  • Role-appropriate access controls

Compliance Advantages

Integration with Enterprise Features

Works with Other Systems

User Management Integration:
  • User roles determine platform access levels
  • Individual users automatically isolated
  • Admin users get organization-wide visibility
  • Role assignments control feature access
Group-Based Enhancement:
  • Groups can have shared visibility permissions
  • Group admins may see group-specific data
  • Flexible role assignment within groups
  • Enhanced collaboration with controlled access
API Key Policy Integration:
  • RBAC controls who can create and modify API keys
  • Role-based API key sharing and management
  • Permission levels for different key types
  • Administrative oversight of all organization keys

Enterprise Feature Access

Feature Visibility Matrix:
Feature | Standard User | Administrator
Personal Analytics | ✅ Own Data | ✅ All Data
API Key Creation | ✅ Personal | ✅ Organization
User Management | |
Group Configuration | |
Approved Models | |
Guardrails Config | |
Billing Overview | ✅ Personal | ✅ Organization
System Settings | |

Future Role Expansion

Custom Roles (Coming Soon)

Planned Role Types:
  • Group Administrators: Manage specific groups with limited admin access
  • Read-Only Analysts: View organization data without modification permissions
  • API Key Managers: Specialized role for API key creation and management
  • Billing Administrators: Financial oversight without technical admin access
Custom Permission Sets:
  • Granular permission assignment
  • Mix-and-match capability access
  • Department-specific role creation
  • Project-based access controls

Advanced RBAC Features

Enhanced Capabilities:
  • Time-based role assignments
  • Conditional access based on usage patterns
  • Integration with external identity providers
  • Advanced audit and compliance reporting

Best Practices

Role Assignment Strategy

Start Minimal

Begin with standard user roles and promote to admin only when necessary

Regular Review

Periodically review role assignments and adjust based on organizational changes

Audit Access

Monitor admin access patterns and maintain audit trails for compliance

Document Roles

Maintain clear documentation of who has admin access and why

Security Implementation

Access Management:
  • Limit admin roles to essential personnel only
  • Regular access reviews and role updates
  • Clear escalation procedures for access requests
  • Integration with existing identity management systems
Monitoring & Compliance:
  • Log all administrative actions
  • Monitor for unusual access patterns
  • Regular compliance assessments
  • Incident response procedures for access violations

User Experience

For Standard Users

Simplified Interface:
  • Clean, focused view of personal data
  • No overwhelming organization-wide information
  • Intuitive access to personal features
  • Clear visibility into own usage and costs

For Administrators

Comprehensive Control:
  • Complete organization visibility
  • Administrative tools and configuration panels
  • User management and oversight capabilities
  • Enterprise feature configuration access

RBAC ensures that every user has the right level of access for their role while maintaining security and compliance across your organization’s AI infrastructure.

Administrator roles have significant access to organization data and settings. Carefully manage admin role assignments and regularly review access permissions to maintain security.

The RBAC system provides the security foundation that enables safe, compliant, and efficient AI operations across your entire organization while ensuring appropriate data visibility and access control for all users.