본문으로 건너뛰기

Team Management and RBAC in Quicknode

업데이트 날짜:
2026년 6월 26일

읽는 데 8분

개요

Quicknode organizes account access around three distinct primitives: Members, Teams, and Roles. Members are everyone with access to your account, each assigned a role that controls what they can view and manage across the dashboard. Teams are collections of members that scope endpoint visibility: endpoints assigned to a team are visible only to that team's members. Role-Based Access Control (RBAC) is available on all paid plans. Enterprise accounts can extend RBAC with custom roles that have configurable, per-permission access controls.

TLDR

  • Quicknode account access is built on three primitives: Members (who has access and what role they hold), Teams (which endpoints they can see), and Roles (관리자, 청구, 시청자 built-in; unlimited custom roles on Enterprise)
  • Invite members from the Members page and assign a role at invite time
  • Create teams to scope endpoint visibility: endpoints assigned to a team are only visible to that team's members; a member with no team sees all unrestricted endpoints
  • RBAC is available on all paid plans; Enterprise accounts can create custom roles with fine-grained, configurable permissions
  • Automate member and team operations via the Admin API or Quicknode CLI

배울 내용


  • How to invite and manage members on your account
  • How to create teams and control endpoint visibility
  • How RBAC roles (관리자, 청구, 그리고 시청자) govern access to the dashboard
  • How to create and manage custom roles with configurable permissions (Enterprise)

준비물


핵심 개념

Before diving in, here is a quick overview of the three primitives:

Members are everyone who has access to your Quicknode account. You manage members at dashboard.quicknode.com/members. Each member is assigned a role (관리자, 청구, 또는 시청자) that controls what they can view and do across the dashboard.

Teams are collections of members used to scope endpoint visibility. You manage teams at dashboard.quicknode.com/teams. When you assign an endpoint to a team, only that team's members can see it. A team with no endpoint assignments lets its members see every unrestricted endpoint on the account.

Roles are system-level permission levels assigned per member, not per team. The three built-in roles are 관리자, 청구, 그리고 시청자. Enterprise accounts can also create custom roles with configurable permissions. See the 역할 및 권한 section for a full breakdown.

Mental Model

A member does not need to belong to any team. Team membership only affects which endpoints a member can see; their role determines what actions they can perform.

Members, Teams, and Endpoints

Managing Members

Members are managed from the Members page. Admins can invite new members, update roles, and remove members from the account.

Invite a Member


  1. Navigate to the Members page.
  2. Click Invite member.
  3. Enter the member's name, email address, and select a role (관리자, 청구, 또는 시청자).
  4. Click Send invite. The member will receive an email invitation to join your account.

RBAC - Invite Users

Update a Member's Role


  1. Navigate to the Members page.
  2. Locate the member whose role you want to update.
  3. Click the three dots () next to their name.
  4. Select Change role and choose a new role (관리자, 청구, 또는 시청자).
  5. Confirm the change.

Note: The account owner's role cannot be changed. To reassign ownership first, see Transfer Account Ownership.

You can also update a member's role directly from a Team page: click the three dots () next to a member and select Change role to update their role without navigating to the Members page. As roles are assigned at the member level, this change will apply across all teams and endpoints.

RBAC - Update Role

Remove a Member


  1. Navigate to the Members page.
  2. Locate the member you want to remove.
  3. Click the three dots () next to their name.
  4. Select Remove from account and confirm.

Note: The account owner cannot be removed. Transfer ownership first if you need to remove the primary account holder.

Transfer Account Ownership

The account owner can transfer full ownership to another member. This is a permanent action.

  1. Navigate to the Members page.
  2. Click Change account owner at the bottom of the page.
  3. Select the member you wish to transfer ownership to.
  4. Click Change owner.

Warning: Transferring ownership is irreversible. The current owner will lose owner status and be reassigned to an 관리자 role. Confirm you are certain before proceeding.

Transfer Account Ownership

Managing Teams

Teams are managed from the Teams page. Admins can create teams, add members, and control endpoint visibility through team assignments.

Create a Team


  1. Navigate to the Teams page.
  2. Click Create team.
  3. Enter a team name and click Create team.

You are automatically added as a member of the new team.

RBAC - Create Team

Add Members to a Team

Note: To add a member to a team, they must first be invited to your account on the Members page.

  1. Navigate to the Teams page.
  2. Select the team you want to manage.
  3. Click Add member.
  4. Search for the member and select them.
  5. Click Save to confirm.

You can also manage a member's team assignments directly from the Members page: click the three dots () next to a member and select Team to update their team assignments without navigating to the Teams page.

Move or Remove Members Between Teams


  1. Navigate to the Teams page.
  2. Select the team containing the member.
  3. Click the three dots () next to the member's name.
  4. Select Teams to update their team assignment, or Remove from team to remove them.
  5. Confirm the action.

Note: A member can belong to multiple teams. Removing a member from one team does not remove them from the account or other teams.

RBAC - Update Team

Delete a Team


  1. Navigate to the Teams page.
  2. Remove all members from the team (a team must be empty before it can be deleted).
  3. Click the three dots () next to the team name.
  4. Select Remove and confirm.

Endpoint Visibility

When you assign an endpoint to a team, only members of that team can see it. If a team has no endpoint assignments, its members can see every unrestricted endpoint on the account. Endpoints with no team assignment are visible to all account members.

To assign endpoints to a team, see the Advanced Account and Team Management guide.

역할 및 권한

RBAC provides three built-in roles: 관리자, 청구, 그리고 시청자. These roles determine the level of access a member has across the dashboard and are assigned at the member level, not the team level. Enterprise accounts can additionally create unlimited custom roles with configurable permissions. See 사용자 정의 역할 below.

User and API Key Roles

CategoryPermission or Action관리자청구시청자
Account members and rolesInvite, remove, re-invite members; change member roles; view members and rolesView onlyView only
TeamsCreate, update, delete, and manage team membershipView onlyView only
Endpoint visibilityManage endpoint team assignmentsView onlyView only
Endpoints (RPC)Create, archive, configure, secure, pause, inspect logs, and view metricsView endpoints and metrics onlyView endpoints, settings, logs, and metrics
Quicknode productsManage Quicknode products (e.g., Streams, Webhooks, and SQL Explorer) resourcesRead-onlyRead-only
Add-onsInstall, update, and deactivate add-ons아니요
Billing and usageManage billing, plans, payments, invoices, and usage dataUsage only
API keysCreate, delete, and read account API keys아니요Read-only
AI assistantUse the AI assistant
API key rolesRoles available when creating an API key관리자 또는 시청자해당 사항 없음해당 사항 없음

The table above covers the three built-in roles. Enterprise accounts can define custom roles with individually selected permissions. See Custom Roles below.

User Roles vs. API Key Roles

It is important to understand that user roles (for the dashboard) and API key roles are distinct concepts.


  • User Roles (관리자, 청구, 시청자) control what a person can see and do when logged into the Quicknode dashboard. For example, only an 관리자 user can access the API Keys page to create or manage keys.
  • API Key Roles (관리자, 시청자) define the permissions for a specific API key, determining what actions (e.g., 게시물 vs. GET) can be performed when that key is used by an application or script.

These roles are not tied to each other. An 관리자 user can generate a 시청자 key for a read-only monitoring tool, ensuring that the tool cannot make any changes, regardless of the creator's own permissions.

SSO Onboarding Integration

For teams using Single Sign-On (SSO):


  • Automatic Grouping: New SSO users are automatically added to an Onboarding group with a default 시청자 role, with auto creation of the group if it doesn't exist.
  • Security Assurance: This prevents inadvertent assignment of 관리자 privileges to new users.
  • Flexibility: Admins can later move SSO users to other groups or update their roles as required.

사용자 정의 역할

Enterprise accounts can create custom roles that go beyond the three built-in roles, with a large set of permissions configurable per role.

Basic RBACCustomizable RBAC
PlansAll paid plansEnterprise only
Built-in roles관리자, 청구, 시청자Same
Custom rolesNot available무제한
Permission granularityFixed per roleFully configurable

Create a Custom Role


  1. Navigate to the Roles page by opening the account dropdown in the bottom-left corner and selecting Account and then Roles.
  2. Click + New role.
  3. Enter a name for the role (e.g., Deploy-bot).
  4. Under Permissions, select the permissions to grant. Options span account management, endpoints, Streams, Webhooks, and many other categories.
  5. Click Create role.

Custom Role Creation

View and Manage Custom Roles

All roles are listed on the Roles page. Built-in roles appear under Default roles (managed by Quicknode and not editable). Your account-defined roles appear under Custom roles.

Roles Page

To edit or delete a custom role, click the three dots () next to the role name and select the desired action.

Enterprise only

The Roles tab and custom role management are available on Enterprise plans only. On all other plans, access is managed through the three built-in roles.

Manage API Keys with RBAC


  1. Access the API Keys page by clicking the dropdown menu next to your account name at the bottom left and selecting API Keys.
  2. Click on Add API Key to generate a new key.
  3. (Optional) Restrict the key to specific applications.
  4. Assign a role (관리자 또는 시청자) to the key.
  5. Click Create API Key and keep the key secure.

Generated API keys and their roles are visible for Admins in the API Keys section.

Programmatic Management with Admin API and CLI

All team management operations described above are available through the Quicknode Admin API. This enables you to automate team creation, member invitations, team member management, and endpoint assignments programmatically.

If you prefer a higher-level interface for scripting or AI-driven workflows, the Quicknode CLI provides a convenient alternative to raw Admin API calls and supports qn agent context for agent-based automation.

With the Admin API, you can:


  • Create and delete teams: Programmatically create new teams or remove existing ones
  • Invite and remove team members: Send invitations and manage team membership via API calls
  • Resend invitations: Resend pending invitation emails to members
  • Update endpoint access for teams: Assign or remove endpoints for a team in bulk
  • List accessible endpoints for a team: Retrieve a list of endpoints assigned to a particular team

For a full reference, see the Admin API team control endpoints.

결론

Quicknode's Members, Teams, and Roles system gives you precise control over who can access your account and which resources they can see. Members carry roles that determine dashboard permissions; teams scope endpoint visibility independently of those permissions. RBAC is available on all paid plans. Enterprise accounts can go further with custom roles, defining exactly what each role can access to match your organization's needs.

For advanced patterns like tagging, bulk endpoint assignments, and programmatic management at scale, see the Advanced Account and Team Management guide.

For further assistance, contact us directly.

Also, stay up to date with the latest by following us on Twitter and joining our Discord and Telegram announcement channel.

자주 묻는 질문

What is the difference between a member's role and their team membership?

A member's role (Admin, Billing, or Viewer) controls what they can do across the entire dashboard, such as creating endpoints or managing billing. Team membership only controls which endpoints they can see. These are independent: a Viewer-role member with no team assignment can still see every unrestricted endpoint on the account.

Can a member belong to more than one team?

Yes. A member can be added to as many teams as needed. Their role stays the same across all teams, but each team controls a distinct set of visible endpoints.

What happens if a member is not assigned to any team?

A member with no team assignment can see every endpoint that has no team restriction (unrestricted endpoints). They cannot see endpoints that have been assigned to a team they are not a member of.

How do I restrict endpoint visibility so only certain members can see an endpoint?

Assign the endpoint to a team. Once assigned, only members of that team can see it. Members on a different team, or no team, will not see the endpoint.

Can I change a member's role after they have accepted the invitation?

Yes. Go to the Members page, click the three dots next to the member, select Change role, and choose the new role. The account owner's role cannot be changed this way; transfer ownership first if needed.

What is the difference between user roles and API key roles?

User roles (Admin, Billing, Viewer) control what a person can see and do when logged into the dashboard. API key roles (Admin, Viewer) are separate and control what operations a key can perform when used by an application. An Admin user can generate a Viewer key for a read-only service without elevating that service's access.

What are custom roles and how do they differ from built-in roles?

Custom roles are account-defined roles available on Enterprise plans. Unlike the three built-in roles (Admin, Billing, Viewer) which have fixed permission sets managed by Quicknode, custom roles let you select individual permissions across categories like account management, endpoints, Streams, Webhooks, and more. You can create unlimited custom roles and assign them to members just like built-in roles.

Can I edit or delete a built-in role?

No. The built-in roles (Admin, Billing, Viewer) are managed by Quicknode and cannot be edited or deleted. To define a custom permission set, create a custom role on the Roles page (Enterprise only).

여러분의 피드백을 ❤️ 환영합니다!

의견이나 다루었으면 하는 새로운 주제가 있다면 알려주세요. 여러분의 의견을 기다리고 있습니다.

이 가이드를 공유하세요