PromptPal uses two complementary systems:
Clerk organization permissions
Used on sensitive org APIs and sidebar visibility:
- org:audit:view (audit logs and export)
- org:prompts:create/edit/delete/share_external
- org:members:manage
- org:settings:manage
- org:billing:manage
Clerk roles such as org:admin, org:workspace_admin, org:editor, org:viewer, org:api_only map to these permissions.
Workspace roles
Per workspace membership: owner > admin > editor > reviewer > viewer.
Lifecycle actions (submit, approve, reject, deprecate) use workspace roles. The effective organization role can be derived from workspace memberships when Clerk permissions are absent (legacy fallback).
Organization owner
The user in organization.ownerUserId has owner-level access regardless of workspace role.
| Action | Viewer | Editor | Reviewer | Admin | Owner |
|---|---|---|---|---|---|
| View org library & run playground (if policy allows) | Yes | Yes | Yes | Yes | Yes |
| Edit org prompts | No | Yes | Yes | Yes | Yes |
| Approve review queue items | No | No* | Yes | Yes | Yes |
| Manage org settings / SSO | No | No | No | With permission | Yes |
| View org audit logs | No | No | No | With org:audit:view | Yes |
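
The sketch below is an added example, not PromptPal's own code. It shows one way to evaluate the "View org audit logs" and "Approve review queue items" rows with deny-by-default handling of the legacy fallback. Every type and function name is hypothetical, and taking the highest workspace role as the derived organization role is an assumption.

```typescript
// Added example. All names here are hypothetical, not PromptPal's API.
type WorkspaceRole = "owner" | "admin" | "editor" | "reviewer" | "viewer";

// Order from the page, listed lowest to highest: owner > admin > editor > reviewer > viewer.
const RANK: WorkspaceRole[] = ["viewer", "reviewer", "editor", "admin", "owner"];

interface AuthContext {
  userId: string;
  orgOwnerUserId: string;             // organization.ownerUserId
  clerkPermissions: string[] | null;  // null = Clerk permissions absent (legacy)
  workspaceRoles: WorkspaceRole[];    // one entry per workspace membership
}

const isOrgOwner = (ctx: AuthContext): boolean =>
  ctx.userId !== "" && ctx.userId === ctx.orgOwnerUserId;

// Assumption: the legacy fallback takes the highest role across memberships.
function effectiveOrgRole(ctx: AuthContext): WorkspaceRole | null {
  let best: WorkspaceRole | null = null;
  for (const role of ctx.workspaceRoles) {
    if (best === null || RANK.indexOf(role) > RANK.indexOf(best)) best = role;
  }
  return best;
}

// "View org audit logs" row: Owner = Yes, Admin = only with org:audit:view.
function canViewAuditLogs(ctx: AuthContext): boolean {
  if (isOrgOwner(ctx)) return true;
  if (ctx.clerkPermissions !== null) {
    return ctx.clerkPermissions.includes("org:audit:view");
  }
  // Legacy fallback: no permission can be proven, so only the
  // unconditional "Yes" column (owner) passes. Admin is denied.
  return effectiveOrgRole(ctx) === "owner";
}

// "Approve review queue items" row, keyed on the role in that workspace.
// An allow-list, not a rank comparison: editor outranks reviewer but the
// table denies it (the "No*" exception is not defined on the page, so deny).
const CAN_APPROVE: ReadonlySet<WorkspaceRole> =
  new Set<WorkspaceRole>(["reviewer", "admin", "owner"]);

function canApprove(ctx: AuthContext, roleInWorkspace: WorkspaceRole | null): boolean {
  if (isOrgOwner(ctx)) return true;
  return roleInWorkspace !== null && CAN_APPROVE.has(roleInWorkspace);
}
```

A check written as "rank at least reviewer" would grant approval to editors, which the table does not.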

