BotLaunch implements a comprehensive role-based access control (RBAC) system. This ensures team members only have access to the features and data they need.
Key Features
Role-Based Access
Assign roles to team members based on their responsibilities.
Resource Isolation
Each organization's data is completely isolated from others.
API Key Scoping
Create API keys with specific permissions and expiration dates.
Granular Permissions
Control access at the bot, group, and module level.
User Roles
SUPER_ADMINFull platform access (BotLaunch staff only)
All permissionsPlatform settingsUser managementSystem configuration
CLIENT_OWNERFull organization access
Manage botsManage usersBilling accessDelete organization
CLIENT_ADMINAdmin access without destructive actions
Manage botsManage usersView billingConfigure modules
CLIENT_VIEWERRead-only access to organization
View botsView analyticsView settingsCannot modify
Best Practices
- Use the principle of least privilege - assign the minimum role needed
- Regularly audit team member access and remove inactive users
- Use separate API keys for different integrations
- Enable two-factor authentication for all admin accounts