Skip to main content
This feature is available exclusively as part of the Enterprise plan. Please refer to our pricing page for more information about our plans and features.

​
Overview

CodeRabbit includes three built-in system roles β€” Admin, Member, and Billing Admin β€” that cover common access patterns. With Custom RBAC (Role-Based Access Control), Enterprise customers can go further by defining additional roles with specific permissions tailored to their organization’s structure and workflows. Each custom role controls access to individual resources at one of three levels: no access, read only, or read and write. Once created, custom roles are available across your organization, including in Team Management for per-user assignment.

Custom role creation

Create roles with a unique name and an optional description to reflect their purpose in your organization.

Granular permissions

Control access to each resource independently using No access, Read only, or Read and Write β€” giving you precise control over what each role can do.

Default role assignment

Designate any custom role as the default so new users joining your organization are automatically assigned the right level of access.

Team Management integration

Assign custom roles to individual users directly from the Team Management page, alongside the built-in system roles.
Navigation paths for Roles and permissions settings:
  • Cloud: /settings/roles-permissions
  • Self-hosted: /settings/account/roles-permissions

​
View roles and permissions

1

Navigate to Roles and permissions

Go to your organization settings and open the Roles and permissions page. You will see a table listing all roles in your organization.
2

Review the roles table

The table displays the following columns for each role:
  • Role name β€” the display name of the role
  • Role type β€” labeled System for built-in roles (Admin, Member, Billing Admin) or Custom for user-created roles
  • Description β€” optional text describing the role’s purpose
  • Number of assigned users β€” how many users currently hold this role
  • Default role indicator β€” a star (β˜…) icon marks the role that is automatically assigned to new users
3

Search for a role

Use the Search field at the top of the table to filter roles by name or description. Results update as you type, making it easy to find a specific role in large organizations.
4

Filter by role type

Use the Filter dropdown to narrow the list by type:
  • All (default) β€” shows every role
  • System β€” shows only the built-in Admin, Member, and Billing Admin roles
  • Custom β€” shows only user-created custom roles

​
Create a custom role

1

Navigate to Roles and permissions

Go to your organization settings and open the Roles and permissions page.
2

Open the creation form

Click the Create role button in the top-right corner of the page. A creation form will appear.
3

Enter a name

Enter a Name for the role. This field is required. Role names must be unique within your organization β€” if the name is already taken, a validation message will appear and the form cannot be submitted until you choose a different name.
4

Add an optional description

Optionally enter a Description to explain what the role is for and who should be assigned to it. A good description helps administrators understand the role’s purpose at a glance.
5

Save the role

Click Save. The new role is created and automatically populated with the default member role permissions as a baseline.
6

Configure permissions

After saving, you are taken to the role detail page where you can adjust the permission matrix to match the access level intended for this role. See Edit role permissions below.

​
Duplicate an existing role

Duplicating a role copies all of its permission settings into a new role, saving time when you need a role that is similar to an existing one.
1

Locate the role to duplicate

On the Roles and permissions page, find the role you want to duplicate in the table.
2

Open the Actions menu

Click the Actions menu (the three-dot β‹― icon) at the far right of the role’s row.
3

Select Duplicate

Select Duplicate from the dropdown menu. A new role is immediately created with all the same permissions as the original. The new role’s name is prefixed with β€œCopy of” followed by the original role name.
4

Rename and adjust

Click the duplicated role’s name to open its detail page. Update the name, description, and any permissions as needed.

​
Edit role permissions

​
Role detail page

When you open a custom role by clicking its name on the Roles and permissions page, the detail page displays the following metadata:
  • Assigned users β€” the number of users currently assigned to this role
  • Role type β€” System or Custom
  • Created by β€” the user who created the role
  • Created on β€” the date the role was created

​
Permission matrix

Each resource can be configured independently. Select the access level that applies to this role for each resource:
ResourceNo accessRead onlyRead and Write
Organization settingsβœ“βœ“βœ“
Repository settingsβœ“βœ“βœ“
Reportsβœ“βœ“βœ“
Learningsβœ“βœ“βœ“
Team Managementβœ“βœ“βœ“
Billingβœ“βœ“β€”
API accessβœ“βœ“β€”
System roles β€” Admin, Member, and Billing Admin β€” are view-only and cannot be edited. Their permission matrices are displayed for reference but all controls are disabled.

​
Save or discard changes

1

Navigate to the role detail page

On the Roles and permissions page, click the name of the custom role you want to edit. The role detail page opens, showing the permission matrix.
2

Set access levels

For each resource in the permission matrix, select the desired access level using the radio buttons:
  • No access β€” the role cannot see or interact with this resource
  • Read only β€” the role can view this resource but cannot make changes
  • Read and Write β€” the role can view and modify this resource
3

Apply or cancel

Click Save to apply your changes. Click Discard to cancel all unsaved changes and revert to the previously saved state.

​
Set a default role

The default role is automatically assigned to new users when they join your organization, ensuring they have the appropriate baseline access without requiring manual role assignment.
1

Navigate to Roles and permissions

Go to your organization settings and open the Roles and permissions page.
2

Open the Actions menu

Click the Actions menu (the three-dot β‹― icon) next to the role you want to set as the default.
3

Set as default

Select Set as default from the dropdown menu. The role now displays a star (β˜…) icon in the Default column of the table, confirming it is the active default role.
4

Remove default status

To remove the default designation without assigning a new default, click the Actions menu next to the current default role and select Remove as default.
Only one role can be the default at a time. Setting a new role as default automatically removes the default designation from the previously assigned role.

​
Delete a custom role

Deletion is blocked when one or more users are assigned to the role. All users must be reassigned to a different role before deletion is possible. Additionally, if the role being deleted is currently set as the default role, its default status is automatically removed before deletion proceeds.
Reassign all users to another role before attempting to delete a custom role. Check the Assigned users count in the table β€” if it is greater than 0, navigate to Team Management to reassign those users first.
1

Navigate to Roles and permissions

Go to your organization settings and open the Roles and permissions page.
2

Verify no users are assigned

Check the Assigned users count in the row for the role you want to delete. If the count is greater than 0, go to Team Management and reassign those users to a different role before continuing.
3

Open the Actions menu

Click the Actions menu (the three-dot β‹― icon) next to the role.
4

Select Delete

Select Delete from the dropdown menu.
5

Confirm deletion

A confirmation dialog will appear asking you to confirm the deletion. Confirm to permanently remove the role. This action cannot be undone.

​
Assign roles in Team Management

The Team Management page supports both system and custom roles in the role selector, allowing you to assign any role β€” built-in or custom β€” to individual users.
1

Navigate to Team Management

Go to your organization settings and open the Team Management page.
2

Locate the user

Find the user whose role you want to change in the members list. Use the search field or scroll through the list to locate them.
3

Open the Role dropdown

Click the Role dropdown next to the user’s name. The dropdown displays all available roles β€” both system roles (Admin, Member, Billing Admin) and any custom roles you have created.
4

Select the new role

Select the desired role from the dropdown. The change is applied immediately using an optimistic update, so the UI reflects the new role right away.
5

Handle errors

If the update fails (for example, due to a permissions issue or network error), the role assignment is automatically rolled back to the previous value and an error message is displayed. Retry the change or contact your administrator if the problem persists.
Filter members by role: Use the Role filter dropdown in the members list header to display only users assigned to a specific role. This filter includes custom roles, making it easy to audit who has been assigned each custom role in your organization.

​
What’s next

Roles overview

Learn about the built-in Admin, Member, and Billing Admin roles and how they differ from custom roles.

Seat assignment

Manage user seats and access in your organization.