User Roles and Permissions
Set up secure access control by managing user roles, permissions, and team collaboration for your events.
const response = await fetch('https://api.credential.studio/v1/users/invite', {
method: 'POST',
headers: { 'Authorization': `Bearer ${YOUR_API_KEY}`, 'Content-Type': 'application/json' },
body: JSON.stringify({
email: 'team@example.com',
role: 'editor',
eventId: 'evt_123abc'
})
});
curl -X POST https://api.credential.studio/v1/users/invite \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"email": "team@example.com",
"role": "editor",
"eventId": "evt_123abc"
}'
{
"success": true,
"userId": "usr_456def",
"message": "Invitation sent to team@example.com"
}
Overview
credential.studio provides flexible user roles and permissions to ensure secure collaboration on event credentials. Assign roles like Admin, Editor, and Viewer to control access to events, attendee data, and printing features. This prevents unauthorized changes while enabling team efficiency.
Always use the principle of least privilege: grant only the permissions users need for their tasks.
Available Roles
Review the core roles available in credential.studio. Each role has predefined permissions tailored for event workflows.
Admin
Full access to all events, users, and settings. Manage invitations, roles, and billing.
Editor
Create, edit, and print credentials. View attendee lists but cannot manage users or events.
Viewer
Read-only access to credentials and events. No editing or printing capabilities.
Inviting and Managing Users
Invite team members via email directly from the dashboard or use the API for automation.
Navigate to Team
Go to your event dashboard and select the Team tab.
Send Invitation
Enter the email address, select a role, and click Invite.
Confirm Access
The user receives an email and can join after accepting. Monitor status in the team list.
For programmatic invites, use the Users API.
Assigning Role-Based Permissions
Customize permissions beyond default roles using granular controls.
Control which events users can access.
Unique event identifier.
Role override: admin, editor, viewer.
Manage print and edit rights.
// Example: Update user permissions via API
await fetch('https://api.credential.studio/v1/users/usp_789/permissions', {
method: 'PATCH',
headers: { 'Authorization': `Bearer ${YOUR_API_KEY}` },
body: JSON.stringify({
canPrint: true,
canEditAttendees: false
})
});
Controlling Access to Events
Restrict users to specific events during large productions.
// List users with event access
const users = await fetch('https://api.credential.studio/v1/events/evt_123abc/users', {
headers: { 'Authorization': `Bearer ${YOUR_API_KEY}` }
}).then(r => r.json());
import requests
response = requests.get(
'https://api.credential.studio/v1/events/evt_123abc/users',
headers={'Authorization': f'Bearer {YOUR_API_KEY}'}
)
users = response.json()
Security Best Practices
Follow these guidelines to maintain secure access.
Require MFA for all Admins. Navigate to Account > Security and enable it for your team.
For large teams, integrate with SSO providers like Google Workspace or Okta via the Integrations page.
Last updated today
Built with Documentation.AI