Introduction
The access rights within Sana Agents determine which users can use or manage content and integrations. These rights keep sensitive information limited to authorized users, and can mirror the permissions set in connected external systems like Google Drive or SharePoint. Access rights are structured in three hierarchical levels: Workspace, Folder, and Asset. At each level, there are three main roles—Owners, Editors, and Viewers—each with specific permissions designed to facilitate a secure and collaborative environment.
Workspace level
Workspace owners
Have the highest level of authority within the workspace. Owners can:
Invite, manage, and remove users
Create and manage folders, which includes organizing, updating, and controlling access to collections within the workspace.
Upload assets
Create and update agents
Create shared and centralized integrations
Create and share prompts across the organization through tasks
Note: Owners cannot access an individual user’s private folders, files, or prompts unless these are explicitly shared with them.
Workspace editors
Come second in the order of hierarchy. Editors can:
Create shared folders
Create and update agents
Contribute to a folder by adding or modifying content but cannot delete the folder
Add files to shared folders (if given access to them)
Manage control specific administrative capabilities, such as managing certain settings or inviting new users as Viewers
Create, save, and share tasks
Workspace viewers
Primarily engage with the system's existing content, utilizing agents and chat functionalities. Viewers can:
Create invite-only folders
Create and save their own prompt tasks
Connect and manage private integrations
Upload and selectively share their private files
Create and save their own tasks
Viewers have read-only access to the workspace, meaning they can view content within the workspace that they have been given access to but cannot make any changes.
Owners | Editors | Viewers |
• Invite, manage, and remove users | • Invite new users as Viewers |
|
• Create and update agents | • Create and update agents |
|
• Create and manage folders | • Create shared folders | • Create invite-only folders |
• Upload assets/content | • Add and modify assets/content | • Upload and share private files |
• Create shared integrations | • Manage certain settings | • Manage private integrations |
• Create, Save and Share prompts via tasks | • Create, save, and share task | • Create and save prompt tasks |
• Cannot access private folders and files unless they are shared | • Cannot access private folders and files unless they are shared | • Cannot access private folders and files unless they are shared |
Folder level
Owners: Can fully manage the folder including adding content, modifying other users' permissions, or deleting the folder.
Editors: Can manage which files belong to the folder, adding or removing content as necessary.
Viewers: Have read-only access, enabling them to engage with the folder's contents through chat.
Owners | Editors | Viewers |
• Full management of the folder | • Manage files in the folder | • Read-only access |
• Modify permissions | • Add and remove content | • Engage with the folder's contents through chat. |
• Delete the collection. |
|
|
Asset level
Owners: Have complete control over the asset's lifecycle and accessibility, including the ability to delete, edit, share, and view it.
Editors: Can edit, share, or view the asset, providing them with a level of control that does not extend to deletion.
Viewers: Are limited to viewing the asset, ensuring they have access, without the ability to alter or distribute it.
Owners | Editors | Viewers |
• Full control over lifecycle | • Edit, share, and view assets | • View assets only |
• Delete, edit, share, and view assets | • Cannot delete assets |
|
In this context, an "asset" refers to any individual piece of content or data within the system, such as documents, files, or other digital resources. Asset management involves controlling who can access, modify, or distribute these items.
Agent level
Owners: Have complete control over the Agent lifecycle and accessibility, including the ability to delete, edit, share, and view it.
Editors: Can edit, share, or view the Agent, providing them with a level of control that does not extend to deletion.
Viewers: Are limited to viewing the asset and ensuring they have access without the ability to alter or distribute it.
Owners | Editors | Viewers |
• Full control over lifecycle | • Use, edit, share and view agents | • View and use agents only |
• Use, edit, share, view and delete agent | • Cannot delete agents |
|
For further questions or information about Sana Agents, please contact [email protected] via email or directly in the helpcenter chat.