Roles

The following roles are used to manage access control for the chatbot APIs. Each role includes a list of permissions that determine what actions can be performed on resources such as models, pipelines, presets, chatbots, users, and more.

End User

Attribute	Description
ID	_end_user
Display Name	End User
Description	The final user of the chatbot. Can only interact through the chat interface.
Permissions	send_message

GLChat Engineer

Attribute	Description
ID	_glchat_engineer
Display Name	GLChat Engineer
Description	Internal engineers with full technical access to model, pipeline, preset, and system configuration components.
Permissions	create_model, create_pipeline, create_preset, create_system_setting, delete_model, delete_pipeline, delete_preset, delete_system_setting, read_model, read_pipeline, read_preset, read_system_setting, update_model, update_pipeline, update_preset, update_system_setting

Operational Admin

Attribute	Description
ID	_operational_admin
Display Name	Operational Admin
Description	Operational administrator with read and update access to various entities, but without create or delete privileges. Commonly used by operational teams for maintenance activities.
Permissions	read_* , update_* for resources such as: agent, chatbot, company, key, knowledge_base, model, pipeline, preset, role, system_setting, and user.

Super Admin

Attribute	Description
ID	_super_admin
Display Name	Super Admin
Description	A high-level administrator focused on managing technical configurations such as models, pipelines, presets, and system settings.
Permissions	create_model, create_pipeline, create_preset, create_system_setting, delete_model, delete_pipeline, delete_preset, delete_system_setting, read_model, read_pipeline, read_preset, read_system_setting, update_model, update_pipeline, update_preset, update_system_setting

System Admin

Attribute	Description
ID	_system_admin
Display Name	System Admin
Description	Technical administrator responsible for managing core system entities such as agents, chatbots, knowledge bases, and presets. Does not have user management permissions.
Permissions	create_agent, create_chatbot, create_knowledge_base, create_preset, delete_agent, delete_chatbot, delete_knowledge_base, delete_preset, read_agent, read_chatbot, read_knowledge_base, read_preset, update_agent, update_chatbot, update_knowledge_base, update_preset

Technical Admin

Attribute	Description
ID	_technical_admin
Display Name	Technical Admin
Description	Administrator with full technical access to models, pipelines, presets, and system settings. Typically used by technical teams for configuration management.
Permissions	create_model, create_pipeline, create_preset, create_system_setting, delete_model, delete_pipeline, delete_preset, delete_system_setting, read_model, read_pipeline, read_preset, read_system_setting, update_model, update_pipeline, update_preset, update_system_setting

User Admin

Attribute	Description
ID	_user_admin
Display Name	User Admin
Description	Role responsible for full user management operations (create, update, delete, read). Typically assigned to platform administrators or HR teams.
Permissions	create_user, delete_user, read_user, update_user

Additional Notes

1. Roles with the _admin prefix generally hold administrative privileges — either at the system, technical, or operational level.

2. Roles can be combined or extended for specific needs (e.g., Operational Admin + User Admin for daily system maintenance).