TELVRIX

· Teams

Roles & permissions

What owners, admins, members, and viewers can do — the exact server-enforced permission map.

Workspaces have four roles. Permissions are enforced on the server for every API route — the UI hides controls you cannot use, but the API check is the real gate.

Owner

  • Everything admins can do, plus:
  • Manage billing and the workspace plan.
  • Delete mailboxes.
  • Change member roles and transfer workspace ownership.

Admin

  • Manage workspace settings.
  • Connect, edit, and share mailboxes (not delete).
  • Invite and remove members.
  • Read, send, and delete messages.
  • Read the workspace audit log and export it.

Member

  • Read and write mailboxes they have access to.
  • Read, send (with a send grant for shared mailboxes), and delete messages.
  • Invite new members.

Viewer

  • Read-only: view mailboxes and messages they have access to.
  • No sending, no mailbox changes, no member management.

Note

Audit log access (audit:read) is limited to owners and admins. Billing access (workspace:billing) is owner-only.