Admin Controls

Admin controls let workspace owners and admins configure policies that govern how members interact with the workspace. These settings are found in Settings → Policies and apply to all members. For authentication and session policies, see Security & SSO.

Member Invite Policy

Controls who can send invitations to bring new members into the workspace.

Invite Permissions

Owner Only

Only the workspace owner can invite new members. Best for tightly controlled workspaces.

Admin & Owner

Admins and the owner can invite new members. This is the default setting.

All Members

Any workspace member can invite others. Useful for open teams where rapid onboarding is preferred.

Guest Access

Enable or disable guest access for the workspace. When enabled, external collaborators can be invited with limited permissions. When disabled, only full members can access the workspace.

Toggle Guest Access

Guests have restricted access and cannot modify workspace settings, manage members, or access billing. Toggle this setting on or off from the admin controls panel.

Project Creation Policy

Controls who can create new projects in the workspace.

Creation Permissions

Admin Only

Only admins and the workspace owner can create new projects. This keeps the project structure controlled and organized.

All Members

Any workspace member can create projects. Suitable for teams where members self-organize their work.

Data Export Policy

Controls who can export workspace data such as posts, comments, and project information.

Export Permissions

Disabled

Data export is disabled for all users. No one can export workspace data.

Admin Only

Only admins and the workspace owner can export data. Recommended for workspaces with sensitive information.

All Members

Any workspace member can export data they have access to.

Developer Access Policies

Controls who can create API keys and webhooks for the workspace, and which scopes those keys are allowed to request. For more about API authentication, see Security & SSO.

Creation Policies

Disabled

No one can create new API keys or webhooks for that capability. Existing resources continue to work until they are revoked.

Owner Only

Only the workspace owner can create new developer credentials.

Admin & Owner

Admins and the workspace owner can create new keys and webhooks. This is the most controlled shared setting.

All Members

Any workspace member except viewers can create new keys or webhooks, while still managing only the resources they own.

Scope Allowlist

Workspace admins and owners can allow or block individual API scopes such as projects, posts, tasks, media, audit logs, and webhooks.

Write access automatically includes read access for the same resource, so the allowlist is stored as an effective permission set rather than a write-only matrix.

New keys and rotated keys must stay inside the current allowlist. Invalid or unknown scope requests are rejected instead of being partially accepted. Existing keys are not silently rewritten when the allowlist changes.

The Developers page offers preset bundles like read-only, content automation, project/task automation, and full workspace access based on the scopes currently allowed.

Ownership & Rotation

Members can create, rotate, revoke, and edit only the API keys and webhooks they created. Admins and owners can manage all workspace developer resources. The Developers page includes rename/edit actions, preserves creator attribution for admins, and rotating a key creates a replacement with the same name, scopes, and expiration, then revokes the previous key immediately.

Access & Permissions

Who Can Modify

Only workspace owners and admins can view and modify admin controls. Regular members and viewers do not have access to these settings.

Audit Trail

All changes to admin controls are recorded in the workspace audit log, including who made the change and when. See Security & SSO for details.

Member Invite Policy

Controls who can send invitations to bring new members into the workspace.

Invite Permissions

Owner Only

Only the workspace owner can invite new members. Best for tightly controlled workspaces.

Admin & Owner

Admins and the owner can invite new members. This is the default setting.

All Members

Any workspace member can invite others. Useful for open teams where rapid onboarding is preferred.

Guest Access

Enable or disable guest access for the workspace. When enabled, external collaborators can be invited with limited permissions. When disabled, only full members can access the workspace.

Toggle Guest Access

Guests have restricted access and cannot modify workspace settings, manage members, or access billing. Toggle this setting on or off from the admin controls panel.

Project Creation Policy

Controls who can create new projects in the workspace.

Creation Permissions

Admin Only

Only admins and the workspace owner can create new projects. This keeps the project structure controlled and organized.

All Members

Any workspace member can create projects. Suitable for teams where members self-organize their work.

Data Export Policy

Controls who can export workspace data such as posts, comments, and project information.

Export Permissions

Disabled

Data export is disabled for all users. No one can export workspace data.

Admin Only

Only admins and the workspace owner can export data. Recommended for workspaces with sensitive information.

All Members

Any workspace member can export data they have access to.

Developer Access Policies

Controls who can create API keys and webhooks for the workspace, and which scopes those keys are allowed to request. For more about API authentication, see Security & SSO.

Creation Policies

Disabled

No one can create new API keys or webhooks for that capability. Existing resources continue to work until they are revoked.

Owner Only

Only the workspace owner can create new developer credentials.

Admin & Owner

Admins and the workspace owner can create new keys and webhooks. This is the most controlled shared setting.

All Members

Any workspace member except viewers can create new keys or webhooks, while still managing only the resources they own.

Scope Allowlist

Workspace admins and owners can allow or block individual API scopes such as projects, posts, tasks, media, audit logs, and webhooks.

Write access automatically includes read access for the same resource, so the allowlist is stored as an effective permission set rather than a write-only matrix.

The Developers page offers preset bundles like read-only, content automation, project/task automation, and full workspace access based on the scopes currently allowed.

Ownership & Rotation

Access & Permissions

Who Can Modify

Only workspace owners and admins can view and modify admin controls. Regular members and viewers do not have access to these settings.

Audit Trail

All changes to admin controls are recorded in the workspace audit log, including who made the change and when. See Security & SSO for details.

Admin Controls

Member Invite Policy

Invite Permissions

Guest Access

Toggle Guest Access

External Sharing Policy

Sharing Permissions

Share Link Configuration

Default Expiry

Maximum Expiry

Require Password

Project Creation Policy

Creation Permissions

Data Export Policy

Export Permissions

Developer Access Policies

Creation Policies

Scope Allowlist

Ownership & Rotation

Access & Permissions

Who Can Modify

Audit Trail

Admin Controls

Member Invite Policy

Invite Permissions

Guest Access

Toggle Guest Access

External Sharing Policy

Sharing Permissions

Share Link Configuration

Default Expiry

Maximum Expiry

Require Password

Project Creation Policy

Creation Permissions

Data Export Policy

Export Permissions

Developer Access Policies

Creation Policies

Scope Allowlist

Ownership & Rotation

Access & Permissions

Who Can Modify

Audit Trail