User Settings & Access Control#
Ejento AI provides a comprehensive access control system that enables organizations to manage users, teams, projects, and assistants with precision and security. Understanding the different user roles and permission levels is essential for effective collaboration and system administration.
Overview#
The platform implements a hierarchical permission structure across three key dimensions:1.
User Roles — Define system-wide administrative capabilities (Global Admin, Application Admin, User).
2.
Resource Permissions — Control access and visibility within specific Projects or Teams.
3.
Assistant Permissions — Manage individual assistant access and specialized rights.
This multi-layered approach ensures that users have exactly the access they need based on their responsibilities while maintaining strict organizational security.
User Roles#
Ejento AI supports three primary user roles, each with distinct responsibilities and levels of control:Global Admin#
The Global Admin has the highest level of access and control in the system.| Capability | Details |
|---|
| User Management | Can assign roles to others, including making them Application Admins, Global Admins, or Users. |
| Global Access | Automatically acts as an Admin for all Teams, Projects, and Assistants within the organization. |
| Admin Panel Access | Full access to all administrative tools, including Analytics, User Management, Chatlogs, and API Keys. |
| Privileges | Inherits all capabilities of Application Admins and standard Users. |
Global Admins cannot manage other Global Admins.
Application Admin#
An Application Admin manages operations and resources with elevated privileges.| Capability | Details |
|---|
| User Management | Can assign roles to others, making them Application Admins or Users. Cannot manage Global Admins. |
| Resource Management | Can create Teams, Projects, and Assistants. |
| Admin Panel Access | Limited access to the admin panel, focused on resource-specific analytics and user settings. |
| Privileges | Inherits all capabilities of a standard User. |
User#
A User is the base role for exploring and utilizing platform features.| Capability | Details |
|---|
| Resource Creation | Can create Assistants in projects they have access to. |
| Assistant Management | Can manage assistants they have created or have been assigned to. |
| Default Role | The default assignment for new users, including SSO logins. |
Quick Reference Table#
| Role | Permissions | Description |
|---|
| Global Admin | Full Access | Highest level of control. Manages teams, users, and all organizational data. |
| Application Admin | Elevated Access | Can create and manage resources and assign Application Admin/User roles. Restricted from global system settings. |
| User | Limited Access | Can use platform features and create individual assistants but has no administrative power. |
Understanding Propagation & Hierarchy#
Access in Ejento AI is inherited from the top down:1.
Organization Level — Roles assigned here (like Global Admin) flow down to every child Project and Assistant.
2.
Project Level — Being an Admin of a Project automatically makes you an Admin of every Assistant within it.
3.
Team Level — If a Team is granted access to a Project, every member of that Team inherits that access for the Project and its Assistants.
4.
Highest Privilege — If a user has overlapping permissions, the platform always honors the highest level of access.
If a user is a Member through a Team but an Admin explicitly, the platform will always honor the higher privilege — Admin.
