← Back to Docs
Recipe: Permissions Matrix
Role-based access control grid for Meridian teams. Each role gates a fixed set of actions across the dashboard, API, and CLI.
| Role | Manage users | Manage keys | View analytics | Delete builds | Push updates | Read logs | View invoices | Update payment | Cancel sub |
|---|---|---|---|---|---|---|---|---|---|
| Owner | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Admin | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | — | — |
| Developer | ✓ | ✓ | ✓ | — | ✓ | ✓ | — | — | — |
| Billing | — | — | — | — | — | — | ✓ | ✓ | ✓ |
| Viewer | — | — | — | — | — | — | — | — | — |
Note: Owner is immutable and always holds full access. Admin cannot cancel subscriptions or update payment methods. Developer roles are scoped to technical actions only. Billing roles see financial surfaces exclusively. Viewer is read-only across all surfaces.