Project Access Control

Control who can access your projects.

Overview

Project access control lets you:

• Share projects with teams
• Grant individual access
• Set permission levels
• Revoke access when needed

---

Access Levels

Level	View	Scan	Manage	Admin
View	✓	-	-	-
Scan	✓	✓	-	-
Manage	✓	✓	✓	-
Admin	✓	✓	✓	✓

Level Details

View

• See project contracts
• View scan results
• Read findings
• Export reports

Scan

• All View permissions
• Run new scans
• Re-scan contracts

Manage

• All Scan permissions
• Add/remove contracts
• Triage findings
• Assign vulnerabilities

Admin

• All Manage permissions
• Change project settings
• Manage access
• Delete project

---

Sharing with Teams

Grant Team Access

1. Go to project settings
2. Click Access or Share
3. Click Add Team
4. Select team
5. Choose access level
6. Click Add

Example

Project: DeFi Protocol
├── Security Team → Admin
├── Dev Team → Manage
└── QA Team → View

---

Individual Access

Grant Individual Access

1. Go to project settings
2. Click Access
3. Click Add Member
4. Select organization member
5. Choose access level
6. Click Add

When to Use

• Contractors on specific projects
• Cross-team collaboration
• Temporary access

---

Viewing Access

Access List

Go to project Settings → Access to see:

Column	Description
Name	Team or member name
Type	Team or Individual
Level	Access level
Granted	When access was given
Granted By	Who gave access

---

Changing Access

Update Access Level

1. Go to project Settings → Access
2. Find team/member
3. Click access level dropdown
4. Select new level
5. Confirm change

Revoke Access

1. Go to project Settings → Access
2. Find team/member
3. Click Remove
4. Confirm removal

---

Access Inheritance

How It Works

Organization Role
    ↓ (base permissions)
+ Team Access
    ↓ (added permissions)
+ Individual Access
    ↓ (specific overrides)
= Effective Access

Example

Bob is:

• Organization Member (base)
• In Dev Team with Scan access to Project A
• Individually granted Manage access to Project A

Bob's effective access: Manage (highest wins)

---

Default Access

Organization Admins

Organization Admins automatically have:

• View access to all projects
• Can grant themselves higher access

Project Creator

Person who creates a project:

• Automatically gets Admin access
• Can't be removed (unless they leave org)

---

Access Requests

Requesting Access

Members can request access:

1. View project in list
2. Click Request Access
3. Select desired level
4. Add reason
5. Submit

Approving Requests

Project Admins receive notification:

1. Review request
2. Approve or deny
3. Requester notified

---

Bulk Access Management

For Multiple Projects

1. Go to Organization → Access Management
2. Select multiple projects
3. Click Bulk Update
4. Add/remove team access
5. Apply

Common Scenarios

New team member:

1. Add to appropriate teams
2. Teams already have project access
3. No additional work needed

Team restructuring:

1. Update team memberships
2. Access follows automatically

---

Access Audit

View Access History

1. Go to project Settings → Access
2. Click History
3. See all access changes

Logged Events

• Access granted
• Access revoked
• Level changed
• Requests approved/denied

---

Best Practices

Use Teams

Prefer team access over individual:

• Easier to manage
• Scales better
• More consistent

Least Privilege

Start with minimum access:

• Default to View
• Upgrade as needed
• Regularly review

Document Decisions

Use descriptions:

• Why was access granted?
• Who approved?
• Expected duration?

---

FAQ

Q: Can I make a project completely private?
A: Yes. Don't share with any teams or members.

Q: What happens when someone leaves a team?
A: They lose team-based access automatically.

Q: Can I set temporary access?
A: Not automatically. Set a reminder to revoke manually.

Q: Do Organization Admins see all projects?
A: They can see all projects exist but need explicit access to view contents.

---

Next Steps

• Creating Teams - Set up teams
• Roles & Permissions - Organization roles
• Audit Logs - Track access changes