Permissions
Axoria uses a role-based permission system with two levels: Organization and Project. This model provides granular control without unnecessary complexity.
Organization Roles
| Role | Manage Members | Create Projects | Configure Org | Billing | Delete Org |
|---|---|---|---|---|---|
| Owner | ✅ | ✅ | ✅ | ✅ | ✅ |
| Admin | ✅ | ✅ | ✅ | ❌ | ❌ |
| Member | ❌ | ❌ | ❌ | ❌ | ❌ |
The Owner is the only role that cannot be removed or demoted by other members.
Project Roles
| Action | Viewer | Reporter | Developer | PROJECT_ADMIN |
|---|---|---|---|---|
| View issues and board | ✅ | ✅ | ✅ | ✅ |
| Create issues | ❌ | ✅ | ✅ | ✅ |
| Edit issues | ❌ | ❌ | ✅ | ✅ |
| Move issues on the board | ❌ | ❌ | ✅ | ✅ |
| Manage sprints | ❌ | ❌ | ✅ | ✅ |
| Log / edit time on issues | ❌ | ❌ | ✅ | ✅ |
| Configure board and workflow | ❌ | ❌ | ❌ | ✅ |
| Manage project members | ❌ | ❌ | ❌ | ✅ |
| Configure webhooks | ❌ | ❌ | ❌ | ✅ |
| Generate public tokens | ❌ | ❌ | ❌ | ✅ |
| Archive and delete the project | ❌ | ❌ | ❌ | ✅ |
The REPORTER role was introduced to support use cases where members can log issues but do not have full edit access.
Profile Groups
Profile Groups are named groupings of organization members. They simplify access management when many members need similar project roles.
Creating a Group
- Go to Organization → Settings → Profile Groups.
- Click New Group.
- Name it (e.g., "Backend Team", "QA", "Design").
- Add members to the group.
Using Groups in Projects
When adding members to a project:
- Go to Project → Settings → Members.
- Click Add Group.
- Select the group and the role to assign.
All members of the group receive the selected role in that project.
Note: Removing a member from a group does not automatically revoke their individual project access - it must be removed separately.
Access to Public Projects
Projects with Public visibility can be accessed by unauthenticated visitors. They can:
- View the board (Kanban, Table, Calendar)
- Read issue details
Unauthenticated visitors cannot create, edit, move issues, or interact with sprints.
Public Token Access
To share a private project with external people without Axoria accounts:
- Go to Settings → Public Tokens.
- Create a token of type Board or Report.
- Share the generated link.
Token-based access is controlled by:
- Type (Board or Report - read-only)
- Expiration date (optional - auto-expires)
- Active status (can be revoked at any time)
See Settings → Public Tokens to create and manage tokens.