Organization and User Management
Learn about the different organization-level and team-level roles and how they affect permissions in Sentry.
Permissions in Sentry are broadly handled using organization-level roles, which apply to all teams and projects in the organization. Users on a Business or Enterprise plan, have access to team-level roles, which enable more granular permissions.
All users and their organization-level roles are listed in Settings > Members. Users can hold any of the following org-level roles:
- Billing users can manage payment and compliance details.
- Org Members can view most data in the organization and act on issues. They can join and leave teams, and access projects their teams own. For Business and Enterprise plans, members can also create personal projects.
- Org Admins can edit global integrations, manage projects, and add/remove teams. They automatically assume the Team Admin role for teams they join. Note: This role can no longer be assigned in Business and Enterprise plans.
- Org Managers have full management access to all teams and projects. They can also manage the organization's membership. Org Managers can perform Team Admin actions without needing to join the team.
- Org Owners have full access to the organization, its data, and settings. Org Owners can perform Team Admin actions without needing to join the team.
For Business and Enterprise plans, the Org Admin role has been replaced by Team Admins and can no longer be assigned to new users. Existing users with Org Admin roles will retain their admin privileges.
Organization-level roles enable broad access to the entire organization, as described in the table below:
Action | Billing | Member | Admin | Manager | Owner |
---|---|---|---|---|---|
Can see and edit billing information and subscription details | ✓ | ✓ | |||
Can see and edit legal and compliance details | ✓ | ✓ | |||
Can view and act on issues (such as assigning and resolving) | ✓ | ✓ | ✓ | ✓ | |
Can join and leave existing teams | ✓ | ✓ | ✓ | ✓ | |
Can add repositories (through GitHub integrations) | ✓ | ✓ | ✓ | ✓ | |
Can create and remove teams from the organization | ✓ | ✓ | ✓ | ||
Can change project settings | ✓* | ✓ | ✓ | ✓ | |
Can create and remove projects for the organization | ✓** | ✓ | ✓ | ✓ | |
Can edit Global Integrations | ✓ | ✓ | ✓ | ||
Can remove repositories | ✓ | ✓ | ✓ | ||
Can add, remove, and change Org Members | ✓ | ✓ | |||
Can change organization settings, including open membership | ✓ | ✓ | |||
Can assign Team Admin role | ✓ | ✓ | |||
Can add, remove, and edit Team Contributors | ✓ | ✓ | |||
Can add projects for teams | ✓ | ✓ | |||
Can remove projects from teams | ✓ | ✓ | |||
Can transfer projects to another organization | ✓ | ||||
Can remove an organization | ✓ |
*Org Members will only be able to edit ownership rules for the project.
**If your organization is on a Business or Enterprise plan, anyone who's part of the org will be able to create a project without having to be a Team Admin. When org members create a project, they'll become the Team Admin for that project by default and have all the permissions of the Team Admin for that project.
Team-level roles are only available for Business and Enterprise accounts.
All members of a specific team and their team-level roles are listed in Settings > Teams > [Team] > Members. Alternatively, go to Settings > Members > [Member] to see a specific member's teams and team-level roles.
Only Org Admins, Managers, and Owners can add new teams to an organization. Users can join a team with one of the following team-level roles:
- Team Contributors can view and act on issues. Depending on the organization rules, they can also add members to the team.
- Team Admins have additional permissions to manage their team's membership and projects. These permissions are granted at the team-level, and don't apply to teams where they're not a Team Admin.
Org Members can join teams as a Team Contributor and be assigned Team Admin for specific teams. Org Members who are not a Team Admin for any team can create a new personal project and personal team once, and become Team Admin for that team.
Org Admins automatically become Team Admins when they join a team.
Org Managers and Owners can perform Team Admin actions for all teams without needing to join.
Team-level roles enable more granular access to a specific team, as described in the table below:
Action | Team Contributor | Team Admin |
---|---|---|
Can invite new members to join (Invite lands in pending state for Managers and Owners to approve) | ✓ | ✓ |
Can join and leave teams (depending on open membership settings) | ✓ | ✓ |
Can view and act on issues (such as assigning and resolving) | ✓ | ✓ |
Can add repositories | ✓ | ✓ |
Can create new teams for the organization | ||
Can remove an existing team from the organization | ✓* | |
Can assign Team Admin Role | ✓* | |
Can add, edit, or remove Team Contributors | ✓* | |
Can create new projects for the organization | ✓* | |
Can remove existing projects from the organization | ✓* | |
Can add projects for teams | ✓* | |
Can remove projects from teams | ✓* | |
Can change project settings | ✓* | |
Can create alerts even if the org setting for "Let members create alerts" is disabled | ✓* |
*Only for teams or projects owned by teams they're a Team Admin for.
If a user holds multiple roles that grant different types of access to a single resource (like a project or repository), a union of those permissions is applied.
Let's say a user is a Team Admin for Team 1 and a Contributor for Team 2, and both teams own Project A. The user can:
- View and act on issues in Project A.
- Change settings for Project A.
- Add and remove Contributors for Team 1, but not for Team 2.
- Remove Project A from Team 1, but not from Team 2.
- Add Project A to Team 3 (which they are a Contributor in) and Team 4 (which they are not a member of).
- Create a new project, Project B, for Team 1. (New projects can only be created and owned by teams the user is a Team Admin for.)
- Add Project B to Teams 2, 3, and 4.
Projects can only be accessed by that project's team(s). Team Admins, Org Managers, and Org Owners can add or remove project teams in Project Settings > Project Teams. Alternatively, these roles can also add projects to a team in Team Settings > Projects.
Any Org Member can get access to a project by joining the team that's associated with that project. Once you've joined a project you'll also be able to edit ownership rules for that project.
This feature is currently only available for Early Adopters.
Users with Manager and Owner-level permissions can add, remove, and change members for a project or organization. They can also toggle on the "Let Members Invite Others" setting to allow any org member to freely invite anyone they like without needing org owner or manager approval.
Team membership is open by default. All members can join, leave, and add other members to teams.
To restrict access to teams and projects, turn off "Open Membership" for the organization in Settings > General Settings.
If "Open Membership" is toggled off, team access is on an invite-only basis. Users can request to join a team and invite others to join their teams, but access requests and invitations must be approved by an Org Manager, Org Owner, or a Team Admin for that team. Org Admins who aren't part of the team also need to follow this process to join. Once they join, they automatically become a Team Admin.
Only Org Owners can transfer a project to another organization. To do so, go to the target project's Project Settings > General Settings and click "Transfer Project". Enter the new Org Owner's email. The Owner for the receiving organization then receives an email to approve the transfer.
When transferring a project to a new organization, we recommend also adding a new team to the project for better visibility.
If you're an Org Owner, you can remove an entire organization and all its associated data completely.
A user can be a Member of several organizations, so deleting an organization doesn't delete user accounts.
To remove an organization, go to the Organization Settings page and click "Remove Organization", which then prompts you for confirmation. After confirmation, your organization is queued for deletion.
Our documentation is open source and available on GitHub. Your contributions are welcome, whether fixing a typo (drat!) or suggesting an update ("yeah, this would be better").