Permissions, roles, and tokens in CalypsoAI

To control the features users are allowed to access, CalypsoAI provides a permissions functionality, integrated with user roles and authorization tokens.

Roles

A role is a collection of permissions. The actions you are allowed to do in CalypsoAI depend on the permissions applied to your role.

We provide the following roles out of the box:

• Org owner: The creator of the CalypsoAI instance.
  Only one user can have this role.
• Org admin: Has access to all CalypsoAI features and functionalities.
• User: Basic user role.
  The User role has almost no permissions and is limited to basic tasks, for example, sending prompts.

In addition to the provided roles, you can also create and customize your own custom roles, choosing only the permissions relevant to your specific role requirements.

• Learn more about permissions

Tokens

To communicate with our API and access our API endpoints, you must use a token. A token is a unique identifier used for authenticating and authorizing requests, making sure the user or application has the necessary permissions for a specific action.

• Learn how to get an authorization token

CalypsoAI provides three token types:

• User token: Linked to a specific user.
  The permissions applied to a user token correspond to the permissions set by the user's role.
• Global token: An organization-level token.
  Global tokens have the highest permission level, as set by the org admin role, and give access to all CalypsoAI features. Global tokens are not linked to just one user.
• Project token: Linked to a project.
  Project tokens have the project admin role permissions applied, giving you access to managing whole projects.