Roles & Permissions

Overview

Jasper provides a comprehensive role-based access control system with 5 built-in system roles and the ability to create custom roles. Control exactly what each team member can access.

System Roles

Five built-in roles provide common permission sets:

Role	Permissions	Typical Use
Owner	Full access (59 permissions)	Organization founders, billing contacts
Admin	All except billing & danger zone (55 permissions)	Team leads, senior developers
Stakeholder	Business oversight + ClickUp features (28 permissions)	Product managers, account managers
Member	Standard contributor access (22 permissions)	Developers, contributors
Viewer	Read-only access (11 permissions)	External stakeholders, observers

Creating Custom Roles

Create roles tailored to your organization's needs.

From Scratch

1. Go to Settings → Roles & Permissions
2. Click Create Role
3. Enter a role name (e.g., backend-developer)
4. Add an optional description
5. Choose a color for the role badge
6. Select permissions from the expandable groups
7. Click Create Role

By Cloning

1. Find the role you want to base your new role on
2. Click Clone
3. Enter a new name
4. The new role inherits all permissions from the source
5. Edit to customize permissions as needed

Permission Groups

Permissions are organized into 14 logical groups:

Dashboard

• dashboard.view — View dashboard
• dashboard.export — Export dashboard data

Code Reviews

• reviews.view — View reviews
• reviews.trigger — Trigger new reviews
• reviews.apply-fixes — Apply AI-suggested fixes
• reviews.retry — Retry failed reviews
• reviews.comment — Add comments
• reviews.delete — Delete reviews
• reviews.export — Export review data

Comments

• comments.create — Create comments
• comments.edit-own — Edit own comments
• comments.edit-any — Edit any comment
• comments.delete — Delete comments

AI Conversations

• conversations.view — View AI conversations
• conversations.reply — Reply to AI
• conversations.delete — Delete conversations
• conversations.export — Export conversation data

Repositories

• repos.view — View repositories
• repos.manage — Manage repository settings
• repos.sync — Sync repository data
• repos.branch-protection — Manage branch protection
• repos.rulesets — Manage rulesets

Team Members

• members.view — View team members
• members.invite — Invite new members
• members.remove — Remove members
• members.change-role — Change member roles

Analytics

• analytics.view — View personal analytics
• analytics.team-view — View team analytics
• analytics.all-view — View all organization analytics
• analytics.export — Export analytics data

Integrations

• integrations.view — View integrations
• integrations.clickup.manage — Manage ClickUp
• integrations.github.manage — Manage GitHub settings
• integrations.slack.manage — Manage Slack integration

ClickUp Features

• clickup.backlog-cleanup.view — View Backlog Cleanup
• clickup.backlog-cleanup.action — Take Backlog Cleanup actions
• clickup.sprint-intelligence.view — View Sprint Intelligence
• clickup.sprint-intelligence.action — Take Sprint Intelligence actions
• clickup.release-notes.view — View Release Notes
• clickup.release-notes.manage — Manage Release Notes

Quality Gates

• quality-gates.view — View quality gates
• quality-gates.edit — Edit quality gate rules
• quality-gates.override — Override quality gate results

Webhooks

• webhooks.view — View webhook logs
• webhooks.manage — Manage webhook endpoints
• webhooks.retry — Retry failed webhooks

API Access

• api.access — Access API endpoints
• api.keys.view — View API keys
• api.keys.manage — Create/revoke API keys
• api.logs.view — View API logs

Notifications

• notifications.preferences — Manage notification preferences
• notifications.history — View notification history

Organization Settings

• settings.view — View settings
• settings.edit — Edit settings
• settings.audit-logs — View audit logs
• settings.roles.manage — Manage roles

Billing

• billing.view — View credit balance
• billing.manage — Purchase credits

Danger Zone

• danger.delete — Delete organization
• danger.transfer-ownership — Transfer ownership

Assigning Roles

Change a Member's Role

1. Go to Settings → Team
2. Find the team member
3. Click Change Role
4. Select the new role
5. Confirm the change

Role Restrictions

• Cannot change the owner's role
• Only owners can promote someone to owner (transfers ownership)
• Only owners and admins can change roles

Managing Custom Roles

Editing a Role

1. Go to Settings → Roles & Permissions
2. Find the custom role
3. Click Edit
4. Modify name, description, color, or permissions
5. Click Save

Deleting a Role

• Custom roles can only be deleted if no users are assigned
• Reassign users to another role first
• System roles cannot be deleted

Role Hierarchy

Roles follow a hierarchy from most to least permissions:

1. Owner (Level 5) — Full control
2. Admin (Level 4) — Administrative access
3. Stakeholder (Level 3) — Business oversight
4. Member (Level 2) — Contributor access
5. Viewer (Level 1) — Read-only access

Best Practices

• Principle of least privilege — Give users only the permissions they need
• Use custom roles — Create roles for specific job functions
• Regular audits — Review role assignments periodically
• Document roles — Add clear descriptions to custom roles

Example Custom Roles

Contractor

Based on Member with restricted access:

• No API access
• No billing view
• Read-only team view

QA Engineer

Based on Stakeholder with extra review permissions:

• Full review access
• Analytics export
• No repository management

Billing Admin

Limited role for finance team:

• Billing view and manage
• Analytics view
• No code or review access