Workspace Roles
| Role | Description | Granted By |
|---|
| Admin | Full workspace control, billing, integrations | Existing admins |
| Member | Create tunnels, access shared resources | Admins |
Tunnel Member Roles
| Role | Description | Granted By |
|---|
| Owner | Full control over tunnel | Automatic (creator) |
| Admin | Manage settings, members, comments | Owner/Workspace admin |
| Viewer | View tunnel and leave comments | Owner/Workspace admin |
Share Modes
| Mode | Access Control | Guest Comments |
|---|
| Invite Only | Only explicit tunnel members | No (requires login) |
| Anyone with Link | Anyone with share URL | Yes (default) |
| Password Protected | Anyone with URL + password | Yes |
Workspace-Level Permissions
ℹNote: Workspace admins are automatically treated as owners for all tunnels regardless of explicit membership.
| Action | Admin | Member | Notes |
|---|
| Invite users | | | Email invitations with role assignment |
| Remove users / change roles | | | Can demote other admins |
| Manage billing | | | Upgrade/downgrade/cancel subscriptions |
| Connect integrations | | | OAuth flows for external services |
| Edit workspace name/icon | | | Workspace branding |
| Delete workspace | | | Permanent deletion, requires confirmation |
| Create tunnels (CLI) | | | Subject to plan limits |
| View all tunnels | | | Full workspace visibility |
| Access tunnel details | | | If member or public share mode |
Tunnel-Level Permissions
| Action | Owner | Admin | Viewer | Guest |
|---|
| View tunnel | | | | |
| Leave comments | | | | |
| Edit own comments | | | | |
| Delete own comments | | | | |
| Delete any comment | | | | |
| Resolve/reopen comments | | | | |
| Edit tunnel settings | | | | |
| Change share mode | | | | |
| Set password protection | | | | |
| Toggle guest comments | | | | |
| Invite tunnel members | | | | |
| Remove tunnel members | | | | |
| Change member roles | | | | |
| Reopen tunnel (CLI) | | | | |
| Delete tunnel | | | | |
*Guest access depends on share mode and guest comment settings
Integration Permissions
| Action | Admin | Member | Notes |
|---|
| View integrations | | | Read-only access to connected services |
| Connect new integration | | | OAuth flows, workspace-wide access |
| Disconnect integration | | | Removes access for entire workspace |
| Use integration features | | | Create issues, send notifications, etc. |
Billing Permissions
| Action | Admin | Member | Notes |
|---|
| View billing status | | | Plan, usage, subscription status |
| View invoices | | | Stripe-hosted invoice access |
| Upgrade subscription | | | Stripe checkout flow |
| Downgrade/cancel | | | Immediate or end-of-period |
| Update payment method | | | Stripe customer portal |
Role Resolution
Access to tunnels is determined by the following hierarchy:
- Workspace admins get owner-equivalent access to all tunnels
- Explicit tunnel membership grants specific role permissions
- Share mode determines if non-members can access the tunnel
- Guest access provides limited permissions based on tunnel settings
Security Best Practices
For Workspace Admins
- Regular membership audits - Review who has admin access
- Strong passwords - Enforce good password policies
- Integration monitoring - Review connected services regularly
- Billing oversight - Monitor subscription status and invoices
For All Users
- Secure tunnel sharing - Use appropriate share modes
- Password protection - Enable for sensitive tunnels
- Guest comment controls - Disable for private projects
- Regular cleanup - Delete unused tunnels and comments