Users
Invite and manage organization members under Settings → Users. Membership comes from your identity provider (Keycloak); within Solya you assign roles and can remove a user from the organization. Removing a user also revokes any API tokens they created.Teams
Group users into teams to organize them and manage role assignments at scale.Roles
| Role | Focus |
|---|---|
| Organization admin | Full access to everything |
| User manager | Manage users, teams, roles |
| Data platform admin | Configure data sources, ingestion, sandbox; view analytics |
| Intelligence layer admin | Configure rules & recommendations; view analytics & signals |
| Inventory manager | Manage all inventory plans; view analytics & signals |
| Shop manager | Manage plans for assigned shops |
| Shop viewer | Read-only analytics for assigned shops |
| Analyst | Analytics & signals across all shops |
| Plan approver | Decide plan approval requests |
Permissions
Roles grant fine-grained, dot-notation permissions, for example:users.view,users.remove,teams.manage,roles.assignorg.settings.view,org.settings.editdataPlatform.view,dataPlatform.configure,dataPlatform.runSandboxintelligenceLayer.view,intelligenceLayer.configureinventoryPlans.view,inventoryPlans.manage,inventoryPlans.approvalsDecidesignals.view,signals.manage,analytics.view,analytics.manageshops.viewAllvsshops.viewAssigned
Permissions are enforced server-side — every server action and API route checks the
required permission after authentication, so the same rules protect the UI and the API.