> ## Documentation Index
> Fetch the complete documentation index at: https://pulze.ai/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Access Control

> Configure granular permissions for resources

## Overview

Access Control in Pulze provides granular permission management for various resources including assistants, models, tools, and routers. This allows you to precisely control which members have access to specific capabilities within your organization.

## Permission Tabs

The Access Control section is organized into tabs for different resource types:

### 1. Members

Core member management for your organization (see [Members documentation](/pulze/permissions/members) for details).

### 2. Models

Control access to specific AI models:

* View which models are available in your organization
* Configure who can access each model
* Manage model-specific permissions
* Control model usage by member or role

### 3. Assistants

Manage access to AI assistants:

* Control which members can use specific assistants
* Configure assistant-level permissions
* View assistant access details
* Restrict or grant assistant access by role

### 4. Tools

Define who can access specific tools:

* Control tool usage by member
* Configure tool permissions
* View tool access details
* Manage integrations and capabilities

### 5. API Keys

Manage API keys for programmatic access (see [API Keys documentation](/pulze/permissions/api-keys) for details).

### 6. Routers

Control access to routing configurations:

* Manage router access permissions
* Configure who can use custom routers
* View router details and settings
* Control routing strategy access

## Permission Model

### Resource-Level Permissions

Each resource type (models, assistants, tools, routers) can have:

* **View** - See the resource exists
* **Use** - Utilize the resource in work
* **Manage** - Configure and edit the resource
* **Admin** - Full control including access management

### Inheritance

Permissions can be inherited from:

* Organization-level settings
* Space-specific configurations
* Role-based assignments

## Managing Access

### Viewing Resource Permissions

1. Navigate to the appropriate tab (Models, Assistants, Tools, or Routers)
2. View the list of resources
3. See current permission assignments
4. Click on a resource for detailed access information

### Granting Access

To grant access to a resource:

1. Select the resource from the list
2. Click the menu or details icon
3. Choose **"Manage Access"** or similar option
4. Select members or roles to grant access
5. Save your changes

### Revoking Access

To remove access:

1. Select the resource
2. View current access list
3. Remove specific members or roles
4. Confirm the change

## Best Practices

<Tip>
  **Principle of Least Privilege**: Grant only the minimum permissions needed for each role or member.
</Tip>

<Tip>
  **Regular Audits**: Periodically review resource permissions to ensure they remain appropriate.
</Tip>

<Tip>
  **Group by Role**: Assign permissions based on roles rather than individuals when possible for easier management.
</Tip>

<Tip>
  **Document Decisions**: Keep track of why certain permissions were granted for compliance and audit purposes.
</Tip>

## Permission Scenarios

### Development Team

* **Models**: Access to development and testing models
* **Assistants**: Full access to create and test assistants
* **Tools**: Access to development tools
* **Routers**: Configure routing for testing

### Production Team

* **Models**: Access to production-approved models only
* **Assistants**: Use pre-configured production assistants
* **Tools**: Limited to production-safe tools
* **Routers**: Read-only access to routing configurations

### Stakeholders/Viewers

* **Models**: View-only access
* **Assistants**: Limited to approved assistants
* **Tools**: No direct tool access
* **Routers**: View routing metrics only

## Security Considerations

### Access Restrictions

<Warning>
  Changes to access control take effect immediately. Ensure you review changes before applying them.
</Warning>

### Compliance

* Track who has access to what resources
* Maintain audit logs of permission changes
* Document permission policies
* Regular reviews for compliance requirements

### Risk Management

* Limit admin access to trusted members
* Use role-based permissions where possible
* Monitor for unusual access patterns
* Implement regular permission reviews

## Integration with Spaces

Access Control works in conjunction with space-level permissions:

* Organization permissions set the baseline
* Space permissions can further restrict access
* Members need both org and space permissions to access resources
* Space owners can override some org-level settings

## Monitoring and Reporting

### Access Tracking

Monitor resource access through:

* Permission logs
* Usage analytics
* Access reports
* Audit trails

### Reports

Generate reports on:

* Who has access to which resources
* Permission changes over time
* Unused permissions
* Access violations or anomalies

## Common Tasks

### Onboarding a New Developer

1. Assign appropriate role (Editor)
2. Grant access to development models
3. Enable relevant assistants
4. Provide access to development tools
5. Configure router permissions

### Restricting Sensitive Resources

1. Identify sensitive resources (e.g., production models)
2. Remove default access
3. Grant access only to authorized members
4. Document the restriction reason
5. Set up monitoring

### Conducting a Security Audit

1. Review current permissions across all resource types
2. Identify over-privileged accounts
3. Remove unnecessary access
4. Update role definitions
5. Document findings and actions taken

## Permission Conflicts

When permissions conflict:

* More restrictive permissions take precedence
* Space-level restrictions override organization defaults
* Explicit denies override explicit grants
* Admin permissions can bypass some restrictions

<CardGroup cols={2}>
  <Card title="Permissions Overview" icon="shield" href="/pulze/permissions/overview">
    Back to Permissions Overview
  </Card>

  <Card title="Members" icon="users" href="/pulze/permissions/members">
    Manage Organization Members
  </Card>

  <Card title="API Keys" icon="key" href="/pulze/permissions/api-keys">
    Manage API Keys
  </Card>

  <Card title="Back to Guide" icon="compass" href="/pulze/navigate-pulze">
    Return to Pulze Guide
  </Card>
</CardGroup>
