Roles and permissions for organizations#
By default, Codacy assigns each organization member a role corresponding to that member's role on your Git provider.
To update a member's role on Codacy, update that member's role directly on your Git provider. When next logging in to Codacy, the member is assigned the new role.
To review the permissions granted by each role, see the tables for each Git provider:
Additionally, you can grant some administrative permissions to any organization member independently of the member's role on the Git provider, using the organization manager role.
To list and manage the members of your Codacy organization, see the Managing people page.
Permissions for GitHub#
The table below maps the GitHub Cloud and GitHub Enterprise roles to the corresponding Codacy roles and the operations that they're allowed to perform:
| GitHub role | Outside collaborator1 |
Repository read |
Repository triage |
Repository write |
Repository maintain |
Repository admin |
- | Organization Owner |
|---|---|---|---|---|---|---|---|---|
| Codacy role | - | Repository read |
Repository write |
Repository admin |
Organization manager |
Organization admin |
||
| Join organization | No | Yes2 | Yes2 | Yes2 | Yes | Yes2 | ||
| View and follow private repository | No | Yes | Yes | Yes | Yes | Yes | ||
| Access Security and risk management | No | Yes3 | Yes3 | Yes3 | Yes | Yes | ||
| Ignore issues and files, configure code patterns and file extensions, manage branches, reanalyze branches and pull requests |
No | Configurable | Configurable | Yes | Inherits original permission | Yes | ||
| Upload coverage using an account API token, see the coverage report logs |
No | No | Yes | Yes | Inherits original permission | Yes | ||
| Configure repository Git provider integration settings | No | No | No | Yes | Inherits original permission | Yes | ||
| Configure repository quality gates and goals | No | No | No | Yes | Inherits original permission | Yes | ||
| Enable repository analysis to run on a local build server, manage repository API tokens | No | No | No | Yes | Inherits original permission | Yes | ||
| Add and remove repository | No | No | No | Yes4 | Inherits original permission | Yes | ||
| Manage organization gate policies and coding standards | No | No | No | No | Yes | Yes | ||
| Configure organization default settings for Git provider integration | No | No | No | No | Yes | Yes | ||
| Invite and accept members, modify billing |
No | No | No | No | No | Yes | ||
| Assign and revoke the organization manager role | No | No | No | No | No | Yes | ||
1: Outside collaborators aren't supported as members of organizations on Codacy. You can still add outside collaborators to Codacy so that Codacy analyzes their commits to private repositories, but they won't be able to join your Codacy organization.
2: Joining an organization may need an approval depending on your setting for accepting new people.
3: These users can only see security items originating from Codacy repositories that they follow.
4: Requires that an organization owner has given the Codacy GitHub App access to the repositories to add or remove.
Permissions for GitLab#
The table below maps the GitLab Cloud and GitLab Enterprise roles to the corresponding Codacy roles and the operations that they're allowed to perform:
| GitLab role | External user1 |
Project guest |
Project reporter |
Project developer |
Project maintainer |
Project owner |
- | Group owner |
Administrator |
|---|---|---|---|---|---|---|---|---|---|
| Codacy role | - | Repository read |
Repository write |
Repository admin |
Organization manager |
Organization admin |
|||
| Join organization | No | Yes2 | Yes2 | Yes2 | Yes | Yes2 | |||
| View and follow private repository | No | Yes | Yes | Yes | Yes | Yes | |||
| Access Security and risk management | No | Yes3 | Yes3 | Yes3 | Yes | Yes | |||
| Ignore issues and files, configure code patterns and file extensions, manage branches, reanalyze branches and pull requests |
No | Configurable | Configurable | Yes | Inherits original permission | Yes | |||
| Upload coverage using an account API token, see the coverage report logs |
No | No | Yes | Yes | Inherits original permission | Yes | |||
| Configure repository Git provider integration settings | No | No | No | Yes | Inherits original permission | Yes | |||
| Configure repository quality gates and goals | No | No | No | Yes | Inherits original permission | Yes | |||
| Configure repository to run analysis on local build server, manage repository API tokens | No | No | No | Yes | Inherits original permission | Yes | |||
| Add and remove repository | No | No | No | Yes | Inherits original permission | Yes | |||
| Manage organization gate policies and coding standards | No | No | No | No | Yes | Yes | |||
| Configure organization default settings for Git provider integration | No | No | No | No | Yes | Yes | |||
| Invite and accept members, modify billing |
No | No | No | No | No | Yes | |||
| Assign and revoke the organization manager role | No | No | No | No | No | Yes | |||
1: External users aren't supported as members of organizations on Codacy. You can still add external users to Codacy so that Codacy analyzes their commits to private repositories, but they won't be able to join your Codacy organization.
2: Joining an organization may need an approval depending on your setting for accepting new people.
3: These users can only see security items originating from Codacy repositories that they follow.
Permissions for Bitbucket#
The table below maps the Bitbucket Cloud and Bitbucket Server roles to the corresponding Codacy roles and the operations that they're allowed to perform:
| Bitbucket role | Read | Write1 | - | Admin |
|---|---|---|---|---|
| Codacy role | Repository read |
Organization manager |
Organization admin |
|
| Join organization | Yes2 | Yes | Yes2 | |
| View and follow private repository | Yes | Yes | Yes | |
| Access Security and risk management | Yes3 | Yes | Yes | |
| Ignore issues and files, configure code patterns and file extensions, manage branches, reanalyze branches and pull requests |
Configurable | Inherits original permission | Yes | |
| Upload coverage using an account API token, see the coverage report logs |
No | Inherits original permission | Yes | |
| Configure repository Git provider integration settings | No | Inherits original permission | Yes | |
| Configure repository quality gates and goals | No | Inherits original permission | Yes | |
| Configure repository to run analysis on local build server, manage repository API tokens | No | Inherits original permission | Yes | |
| Add and remove repository | No | Inherits original permission | Yes | |
| Manage organization gate policies and coding standards | No | Yes | Yes | |
| Configure organization default settings for Git provider integration | No | Yes | Yes | |
| Invite and accept members, modify billing |
No | No | Yes | |
| Assign and revoke the organization manager role | No | No | Yes | |
1: Codacy can't distinguish the Bitbucket roles Read and Write because of a limitation on the Bitbucket API.
2: Joining an organization may need an approval depending on your setting for accepting new people.
3: These users can only see security items originating from Codacy repositories that they follow.
The organization manager role#
To enable other members to manage organization settings, organization admins can share some of their permissions with any organization member using the organization manager role. This role is independent of the Git provider roles of organization members.
To review the additional permissions granted by the organization manager role, see the tables for each Git provider:
Important
Organization managers can access the Policies and Integrations settings sections of your organization and can therefore impact some repository settings for all repositories of your organization, even repositories that they can't access on the Git provider. However, they can't access the repositories themselves and can only see the repository names.
Assigning the organization manager role#
To assign the organization manager role:
-
Open your organization Settings, page Roles and permissions.
-
In the Organization managers area, use the search field to find the relevant organization member and click the member's name.
Note
You can only assign the organization manager role to members of your organization.
Revoking the organization manager role#
To revoke the organization manager role:
-
Open your organization Settings, page Roles and permissions.
-
In the Organization managers area, scroll the list to find the relevant user.
-
Click the Revoke role icon to the right of the user's name and confirm.
Configuring who can change the analysis configuration#
By default, only users with the Codacy role repository write can change analysis configurations.
To change this, open your organization Settings, page Roles and permissions, and define the lowest Codacy role required to perform the following operations on the repositories of your organization:
- Ignore issues
- Ignore files
- Configure code patterns
- Configure file extensions
- Manage branches
- Reanalyze branches and pull requests
Note
Codacy determines the role of each organization member from the role of that member on your Git provider:
See also#
Share your feedback 📢
Did this page help you?
Thanks for the feedback! Is there anything else you'd like to tell us about this page?
255 characters left
We're sorry to hear that. Please let us know what we can improve:
255 characters left
Alternatively, you can create a more detailed issue on our GitHub repository.
Thanks for helping improve the Codacy documentation.
Edit this page on GitHub if you notice something wrong or missing.
If you have a question or need help please contact support@codacy.com.