Skip to main content
Workspace Members vs. PR Licenses: These are completely separate and don’t affect each other.
  • Workspace Members: Admins who configure Kodus settings (unlimited)
  • PR Licenses: Developers from your Git organization who get Kody reviews (based on your plan)

Understanding PR Licenses

PR licenses are automatically detected from your Git repositories based on developers who opened PRs in recent months. Why isn’t a developer showing up? If a developer isn’t appearing in your PR license count, it means Kody isn’t installed in a repository where that developer has opened PRs. Example: You can have 1 workspace admin managing settings, while 20 developers get automated reviews. All plans include unlimited PRs—your plan only determines which developers get review access.

Overview

Kodus workspaces supports Role-Based Access Control (RBAC), allowing you to manage user permissions and access levels within your organization. Each workspace member can be assigned one of four distinct roles, each with specific permissions and capabilities.

Available Roles

Each role provides different levels of access and capabilities within the workspace:

Owner

Full administrative access to the workspace and all its resources. Can view, edit, and delete all configurations across all repositories.

Billing Manager

Financial and billing management access with access to billing/subscription management and view access to most configurations, but no edit access to code review settings.

Repository Admin

Repository management access. Sees all configurations, pull requests, issues, cockpit, and plugins across the whole organization (read-only), and can edit code review configurations and Kody Rules for the repositories assigned to them.

Contributor

Read-only access to the whole organization. Contributors can view configurations, Kody Rules, pull requests, and issues across all repositories — no repository assignment needed — but cannot edit anything. Cockpit, token usage, billing, and user management stay admin-only.

Role Permissions Matrix

Here’s a detailed breakdown of what each role can do, based on the actual permissions matrix: LegendV view · E edit (create/update) · D delete · no access. Scope: all = whole organization · own = repositories assigned to the user · own+global = assigned repos plus the org-wide/global config.
FeatureOwnerBilling ManagerRepo AdminContributor
Code Review SettingsV (all) / E (all) / D (all)V (all)V (all) / E (own)V (all)
Kody Rules (Library)V (all) / E (all) / D (all)V (all)V (all) / E (own) / D (own)V (all)
Pull RequestsV (all) / E (all) / D (all)V (all)V (all)
CLI ReviewV (all) / E (all) / D (all)V (all)V (all)
IssuesV (all) / E (all) / D (all)V (all) / E (own)V (all)
Issues SettingsV (all) / E (all) / D (all)V (all)V (all) / E (all)V (all)
CockpitV (all) / E (all) / D (all)V (all)
Billing / SubscriptionV (all) / E (all) / D (all)V (all) / E (all) / D (all)
Git SettingsV (all) / E (all) / D (all)V (all)V (all)V (all)
PluginsV (all) / E (all) / D (all)V (all)V (all)V (all)
Activity LogV (all) / E (all) / D (all)V (all)V (all)V (all)
Token UsageV (all) / E (all) / D (all)V (all)V (all)
User / SeatsV (all) / E (all) / D (all)V (all)

Managing Workspace Members

Adding New Members

  1. Navigate to your workspace Members section
  2. Click “Invite member” button
  3. Enter the member’s email address
  4. Select the appropriate role for the new member
  5. Send the invitation

Auto-Join for Workspace Members

Enable auto-join to allow users with matching email domains to join your workspace automatically. How to enable:
  1. Go to Organization Settings
  2. Enable auto-join for your organization
  3. Currently works with your registered account email domain only
  4. Need a different domain? Contact us in the community
How it works:
  • Users who sign up with your email domain can choose to join your organization
  • They must confirm their email after choosing to join
  • All auto-join users enter as Contributor role (read-only access to the whole organization)
  • As Owner, adjust their role if they need edit rights

Changing Member Roles

  1. Go to the Members section in your workspace
  2. Find the member whose role you want to change
  3. Click on their current role dropdown
  4. Select the new role from the available options
  5. The change takes effect immediately

Removing Members

  1. In the Members section, locate the member to remove
  2. Click the “Actions” menu (three dots)
  3. Select “Remove from workspace”
  4. Confirm the removal in the dialog

Security Considerations

  1. Principle of Least Privilege: Always assign the role with the minimum necessary permissions
  2. Regular Audits: Periodically review member roles and adjust as needed
  3. Access Reviews: Conduct quarterly reviews of workspace access and permissions
  4. Immediate Revocation: Remove access immediately when a member leaves the organization

Troubleshooting

Solutions:
  • Verify you have Owner or Repository Admin role
  • Check if your workspace has reached any system limits
  • Ensure you have the correct permissions in your account
Solutions:
  • Confirm the member has Repository Admin or Owner role for the specific repository
  • Check if the member has “own” permissions for the repository they want to edit
  • Verify the member’s role assignment is correct
Solutions:
  • Ensure the member has Owner or Billing Manager role
  • Check if billing features are enabled for your workspace
  • Verify the member’s access hasn’t been restricted
Solutions:
  • Confirm the member has Repository Admin or Owner role (cockpit is not visible to Contributors or Billing Managers)
  • Verify the member’s role assignment is correct
Solutions:
  • Verify Kody is installed in the repositories where this developer opens PRs
  • Check if the developer has opened PRs in recent months
  • Remember: PR licenses come from Git activity, not workspace members
  • Ensure the repository webhook is properly configured