Team RBAC & Access Control Documentation

Manage roles, permissions, user access controls, security policies, and team collaboration across voice AI projects.

Built-In Roles

RoleDescription
viewerRead-only access to agents, calls, and analytics
operatorCan start/end calls and monitor live sessions
builderCan create and configure agents, tools, and flows
adminFull access including team management and billing
ownerTenant owner with all permissions including deletion

Invite Team Members

curl -X POST https://api.voxentis.com/v1/team/invite \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "jane@company.com",
    "role": "builder",
    "teams": ["support-agents"]
  }'

Create Teams

curl -X POST https://api.voxentis.com/v1/team/groups \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "support-agents",
    "description": "Customer support team",
    "agent_access": ["agt_support_bot", "agt_returns_bot"],
    "permissions": {
      "can_view_calls": true,
      "can_export_data": true,
      "can_modify_agents": false
    }
  }'

Scoped API Keys

curl -X POST https://api.voxentis.com/v1/api-keys \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "dashboard-readonly",
    "permissions": ["agents:read", "calls:read", "analytics:read"],
    "expires_in_days": 90
  }'

Security Warning: The full API key is only shown once at creation time. Store it securely — you can't retrieve it later.

Audit Log

All team actions are logged in the audit log. Query it to see who did what and when.

  • User login and API key usage events
  • Agent creation, update, and deletion
  • Team membership changes
  • Permission and role modifications
  • API key creation and revocation