Skip to content

Roles and permissions for organizations#

By default, Codacy assigns each organization member a role corresponding to that member's role on your Git provider. Each Codacy role, from most restrictive (repository read) to most capable (organization admin), corresponds to a set of permissions that determine what each member can do on Codacy.

To update a member's role on Codacy, update that member's role on your Git provider. When next logging in to Codacy, the member is assigned the new role.

Organization admins can also grant additional permissions:

To review the permissions granted by each role, see the tables for each Git provider:

To list and manage the members of your Codacy organization, see the Managing people page.

Configuring repository management permissions#

Only organization admins can update this setting

By default, only users with the Codacy role repository write can change analysis configurations.

To change this, open your organization Settings, page Roles and permissions, and choose the Codacy roles that can perform the following operations on the repositories of your organization:

Configuring repository management permissions

Managing the organization manager role#

Only organization admins can update this setting

To grant an organization member additional permissions, you can assign that member the organization manager role. This role isn't influenced by a member's Git provider role.

To review the additional permissions granted by the organization manager role, see the tables for each Git provider (GitHub, GitLab, Bitbucket).

Note

Organization managers can access the Policies and Integrations settings sections of your organization and can therefore impact some repository settings for all repositories of your organization, even repositories that they can't access on the Git provider. However, they can't access the repositories themselves and can only see the repository names.

Assigning the organization manager role#

To assign the organization manager role:

  1. Open your organization Settings, page Roles and permissions.

  2. In the Organization managers area, use the search field to find the relevant organization member and click the member's name.

    Note

    You can only assign the organization manager role to members of your organization.

    Security and risk management access management

Revoking the organization manager role#

To revoke the organization manager role:

  1. Open your organization Settings, page Roles and permissions.

  2. In the Organization managers area, scroll the list to find the relevant user.

  3. Click the Revoke role icon to the right of the user's name and confirm.

Permissions for GitHub#

The table below maps the GitHub Cloud and GitHub Enterprise roles to the corresponding Codacy roles and the operations that they're allowed to perform:

GitHub role Outside
collaborator1
Repository
read
Repository
triage
Repository
write
Repository
maintain
Repository
admin
- Organization
Owner
Codacy role - Repository
read
Repository
write
Repository
admin
Organization
manager
Organization
admin
Join organization No Yes2 Yes2 Yes2 Yes Yes2
View and follow private repository No Yes Yes Yes Yes Yes
Access Security and risk management No Yes3 Yes3 Yes3 Yes Yes
Ignore issues and files,
configure code patterns and file extensions,
manage branches,
reanalyze branches and pull requests
No Configurable Configurable Yes Inherits original permission Yes
Upload coverage using an account API token,
see the coverage report logs
No No Yes Yes Inherits original permission Yes
Configure repository Git provider integration settings No No No Yes Inherits original permission Yes
Configure repository quality gates and goals No No No Yes Inherits original permission Yes
Enable repository analysis to run on a local build server, manage repository API tokens No No No Yes Inherits original permission Yes
Add and remove repository No No No Yes4 Inherits original permission Yes
Manage organization gate policies and coding standards No No No No Yes Yes
Configure organization default settings for Git provider integration No No No No Yes Yes
Invite and accept members,
modify billing
No No No No No Yes
Assign and revoke the organization manager role No No No No No Yes

1: Outside collaborators aren't supported as members of organizations on Codacy. You can still add outside collaborators to Codacy so that Codacy analyzes their commits to private repositories, but they won't be able to join your Codacy organization.
2: Joining an organization may need an approval depending on your setting for accepting new people.
3: These users can only see security items originating from Codacy repositories that they follow.
4: Requires that an organization owner has given the Codacy GitHub App access to the repositories to add or remove.

Permissions for GitLab#

The table below maps the GitLab Cloud and GitLab Enterprise roles to the corresponding Codacy roles and the operations that they're allowed to perform:

GitLab role External
user1
Project
guest
Project
reporter
Project
developer
Project
maintainer
Project
owner
- Group
owner
Administrator
Codacy role - Repository
read
Repository
write
Repository
admin
Organization
manager
Organization
admin
Join organization No Yes2 Yes2 Yes2 Yes Yes2
View and follow private repository No Yes Yes Yes Yes Yes
Access Security and risk management No Yes3 Yes3 Yes3 Yes Yes
Ignore issues and files,
configure code patterns and file extensions,
manage branches,
reanalyze branches and pull requests
No Configurable Configurable Yes Inherits original permission Yes
Upload coverage using an account API token,
see the coverage report logs
No No Yes Yes Inherits original permission Yes
Configure repository Git provider integration settings No No No Yes Inherits original permission Yes
Configure repository quality gates and goals No No No Yes Inherits original permission Yes
Configure repository to run analysis on local build server, manage repository API tokens No No No Yes Inherits original permission Yes
Add and remove repository No No No Yes Inherits original permission Yes
Manage organization gate policies and coding standards No No No No Yes Yes
Configure organization default settings for Git provider integration No No No No Yes Yes
Invite and accept members,
modify billing
No No No No No Yes
Assign and revoke the organization manager role No No No No No Yes

1: External users aren't supported as members of organizations on Codacy. You can still add external users to Codacy so that Codacy analyzes their commits to private repositories, but they won't be able to join your Codacy organization.
2: Joining an organization may need an approval depending on your setting for accepting new people.
3: These users can only see security items originating from Codacy repositories that they follow.

Permissions for Bitbucket#

The table below maps the Bitbucket Cloud and Bitbucket Server roles to the corresponding Codacy roles and the operations that they're allowed to perform:

Bitbucket role Read Write1 - Admin
Codacy role Repository
read
Organization
manager
Organization
admin
Join organization Yes2 Yes Yes2
View and follow private repository Yes Yes Yes
Access Security and risk management Yes3 Yes Yes
Ignore issues and files,
configure code patterns and file extensions,
manage branches,
reanalyze branches and pull requests
Configurable Inherits original permission Yes
Upload coverage using an account API token,
see the coverage report logs
No Inherits original permission Yes
Configure repository Git provider integration settings No Inherits original permission Yes
Configure repository quality gates and goals No Inherits original permission Yes
Configure repository to run analysis on local build server, manage repository API tokens No Inherits original permission Yes
Add and remove repository No Inherits original permission Yes
Manage organization gate policies and coding standards No Yes Yes
Configure organization default settings for Git provider integration No Yes Yes
Invite and accept members,
modify billing
No No Yes
Assign and revoke the organization manager role No No Yes

1: Codacy can't distinguish the Bitbucket roles Read and Write because of a limitation on the Bitbucket API.
2: Joining an organization may need an approval depending on your setting for accepting new people.
3: These users can only see security items originating from Codacy repositories that they follow.

See also#

Share your feedback 📢

Did this page help you?

Thanks for the feedback! Is there anything else you'd like to tell us about this page?

We're sorry to hear that. Please let us know what we can improve:

Alternatively, you can create a more detailed issue on our GitHub repository.

Thanks for helping improve the Codacy documentation.

Edit this page on GitHub if you notice something wrong or missing.

If you have a question or need help please contact support@codacy.com.

Last modified May 2, 2024