Understanding Roles

Scalingo currently provides three predefined roles to help you adapt permissions to the level of responsibility you want to delegate to your collaborators: Owner, Collaborator and Limited Collaborator.

Owner

Reserved for the application owner, the Owner role grants the highest level of permissions, including full administrative control such as deleting or transferring the application. The Owner is also the one who is billed for the application’s usage.

Collaborator

The Collaborator role is intended for trusted team members who are directly responsible for the configuration, deployment, and operational maintenance of applications and databases. It grants broad permissions, including access to environment variables, hosted data, deployment settings, and collaborator management, making it suitable for lead developers or DevOps engineers who need full technical control over the application.

While collaborators can perform almost all actions, including inviting and managing other users, they cannot delete, rename, or transfer the application. Those actions remain reserved for the Owner.

Limited Collaborator

The Limited Collaborator role is designed to minimize the risks associated with granting access to third parties or collaborators without operational responsibility. It allows contributors to perform essential day-to-day operations such as restarting applications, viewing logs or metrics, and managing review apps while preventing actions that could compromise the stability, confidentiality, or integrity of your services.

This role explicitly restricts access to critical operations like modifying configurations, deploying unvalidated code, exploring or exporting sensitive data and managing collaborators.

It is especially suited for environments where separation of duties is required. It ensures that users can contribute to the project without being able to compromise service stability, data integrity, or team governance.

Role Capabilities

Overview

The following table provides a synthetic overview of the main permissions associated with each role. In most cases, it should be enough to select the role that best suits your collaborators. However, we also provide an exhaustive list of access rights associated with each role.

	Owner	Collaborator	Limited Collaborator
Destructive Actions	🟢 Yes	🔴 No	🔴 No
App Configuration	🟢 Yes	🟢 Yes	🔴 No
Deployment	🟢 Yes	🟢 Yes	🟡 Limited
Add-ons Management	🟢 Yes	🟢 Yes	🔴 No
Collaborator Management	🟢 Yes	🟢 Yes	🔴 No
Access Data & Secrets	🟢 Yes	🟢 Yes	🔴 No

Permissions Matrices

The following tables detail the permissions available to collaborators of an app, grouped by scope, and differentiated according to the collaborator’s role. The Owner role is not listed, as it holds full and unrestricted access to all application resources.

Application Lifecycle

Permission	Collaborator	Limited Collaborator
Restart app	🟢 Yes	🔴 No
Stop app	🟢 Yes	🔴 No
Scale vertically	🟢 Yes	🔴 No
Scale horizontally	🟢 Yes	🔴 No
Setup an autoscaler	🟢 Yes	🔴 No
Update the settings of an autoscaler	🟢 Yes	🔴 No
Grant data access to Scalingo support operators	🟢 Yes	🟢 Yes
Manage log drains	🟢 Yes	🔴 No
Create a child app	🟢 Yes	🔴 No

Monitoring and Logs

Permission	Collaborator	Limited Collaborator
View activity	🟢 Yes	🟢 Yes
View activity details	🟢 Yes	🟡 Yes (env-vars values are hidden)
View logs	🟢 Yes	🟢 Yes
Download log achives	🟢 Yes	🔴 No
View metrics	🟢 Yes	🟢 Yes

App Configuration and Access Control

Permission	Collaborator	Limited Collaborator
Delete app	🔴 No	🔴 No
Rename app	🔴 No	🔴 No
Transfer ownership of the app	🔴 No	🔴 No
Change app’s stack	🟢 Yes	🔴 No
Invite collaborator	🟢 Yes	🔴 No
Revoke collaborator’s access	🟢 Yes	🔴 No
Change collaborator’s role	🟢 Yes	🔴 No

Deployments

Permission	Collaborator	Limited Collaborator
Configure SCM	🟢 Yes	🔴 No
Manage automatic deployments	🟢 Yes	🔴 No
Redeploy any branch	🟢 Yes	🔴 No
Redeploy the branch set as the default one	🟢 Yes	🟢 Yes
Access deployments history	🟢 Yes	🟢 Yes
Access deployments logs	🟢 Yes	🟡 Yes (only for deployments < 7 days)
Reset deployment cache	🟢 Yes	🟢 Yes

One-Off Containers and Scheduled Jobs

Permission	Collaborator	Limited Collaborator
List one-offs	🟢 Yes	🟢 Yes
Create a one-off	🟢 Yes	🔴 No
Access a one-off	🟢 Yes	🔴 No
List cron jobs	🟢 Yes	🟢 Yes

Environment Variables

Permission	Collaborator	Limited Collaborator
Manage environment variables	🟢 Yes	🔴 No
View environment variables names	🟢 Yes	🟢 Yes
View environment variables values	🟢 Yes	🔴 No

Review Apps

Permission	Collaborator	Limited Collaborator
Configure review apps	🟢 Yes	🔴 No
List review apps	🟢 Yes	🟢 Yes
Create review apps	🟢 Yes	🟡 Yes (only via SCM Tool if allowed)
Close review apps	🟢 Yes	🟢 Yes
Redeploy a review app	🟢 Yes	🟢 Yes

Add-ons

Permission	Collaborator	Limited Collaborator
Provision an add-on	🟢 Yes	🔴 No
Access an add-on dashboard	🟢 Yes	🔴 No
Change an add-on plan	🟢 Yes	🔴 No
Remove an add-on	🟢 Yes	🔴 No

Databases

Permission	Collaborator	Limited Collaborator
Access a database dashboard	🟢 Yes	🔴 No
Create a manual backup	🟢 Yes	🔴 No
Manage scheduled backups	🟢 Yes	🔴 No
Download backups	🟢 Yes	🔴 No
Restore backups	🟢 Yes	🔴 No
Restore a PITR	🟢 Yes	🔴 No
View connection details	🟢 Yes	🔴 No
View database logs	🟢 Yes	🔴 No
View database metrics	🟢 Yes	🔴 No
Manage Internet accessibility	🟢 Yes	🔴 No
Manage database configuration	🟢 Yes	🔴 No
Manage database users	🟢 Yes	🔴 No
Manage maintenance windows	🟢 Yes	🔴 No
Perform major upgrades	🟢 Yes	🔴 No
Perform minor upgrades	🟢 Yes	🔴 No

Last update: 02 Jul 2025 Suggest edits