# Role-Based Access Control (RBAC) ### Overview This document outlines Bindplane Role-Based Access Control (RBAC). Bindplane is structured by Organization and Project, with one organization capable of containing one or multiple projects. ### Prerequisites Before configuring RBAC, ensure the following prerequisites are met. #### License A Google or Enterprise license is required for using RBAC. #### Authentication Mode Bindplane must be configured to use LDAP, Active Directory, or another multi-user authentication mode. The default System authentication mode does not support multiple users. Bindplane Cloud supports multi-user by default and does not require additional configuration. ### RBAC Roles #### Organization Roles Organizations have two RBAC roles: **Organization Admin** * Full control over the organization. * Can create new projects. **Organization User** * View organization details. #### Project Roles Projects have three RBAC roles: **Project Admin** * Full control over the project. * Can add and remove users within the project. * Can modify configurations and trigger rollouts. **Project User** * Install and assign collectors to configurations. * Can modify configurations within the project. * Cannot trigger rollouts. * Cannot invite or manage other users within the project. **Project Viewer** * Read-only access to the project. ### Role Assignment Users can be invited to a project by using the Invite Users button on the Project page. When\ users are added to a Project, they are implicitly added to the organization. Users can be invited by email or with an invite link. In both cases, a role must be selected. An Admin can modify a user's role by navigating to the Users tab on the Project page. From there, the user can be selected and their role can be modified. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.bindplane.com/feature-guides/security-and-governance/role-based-access-control-rbac.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.