Storyblok Roles and Permissions | OpsBlu Docs

Storyblok Roles and Permissions

Understanding Storyblok user roles including Owner, Admin, Editor, Developer, and Viewer permissions for space management

Storyblok provides a role-based access control system for managing team collaboration on content. Understanding role permissions is essential for secure, efficient content management.

Storyblok Role Hierarchy

Storyblok has five primary roles with decreasing levels of access:

  1. Owner - Full control, billing access, space deletion
  2. Admin - Space management, user invitations, settings
  3. Editor - Content creation and editing
  4. Developer - Technical access, components, and schemas
  5. Viewer - Read-only access

Detailed Role Permissions

Owner (Highest Privilege)

The Owner has unrestricted access to all Storyblok features and is the only role with billing and deletion capabilities.

Core Permissions:

  • All Admin permissions (below)
  • Access billing and subscription management
  • Delete the entire space
  • Transfer space ownership to another user
  • Manage Storyblok plan upgrades/downgrades
  • Access dangerous settings (permanent data operations)
  • Cancel subscription

Access to:

  • Settings → Space settings (full access)
  • Settings → Collaborators (full access)
  • Settings → Visual Editor (full access)
  • Settings → Billing (exclusive)
  • Settings → Access Tokens (full access)
  • All content operations
  • All component operations

Limitations:

  • Only one Owner per space
  • Owner role cannot be removed, only transferred
  • Owner transfer is permanent

Best Practices:

  • Reserve Owner for CEO, CTO, or designated technical lead
  • Document Owner credentials in secure password manager
  • Plan for ownership transfer in case of employee departure
  • Never share Owner credentials

When to Use Owner:

  • Initial Storyblok setup and configuration
  • Billing and plan management
  • Space migration or deletion
  • Critical infrastructure changes

Admin

Administrators manage day-to-day operations, users, and space configuration but lack billing and destructive capabilities.

Core Permissions:

  • Invite and manage users (except Owner transfer)
  • Modify space settings
  • Create, edit, and delete components
  • Create and manage content types (schemas)
  • Configure Visual Editor settings
  • Manage webhooks and integrations
  • Publish, edit, and delete all content
  • Access Asset Library
  • Configure locales and languages
  • Manage folders and workflow

Access to:

  • Settings → Space settings (read/write)
  • Settings → Collaborators (manage users, create invites)
  • Settings → Visual Editor (read/write)
  • Settings → Access Tokens (create/delete)
  • Settings → Webhooks (read/write)
  • Settings → Languages (read/write)
  • All stories and content
  • All components and blocks

Cannot Access:

  • Settings → Billing
  • Space deletion
  • Owner transfer
  • Subscription changes

Best Practices:

  • Assign to technical leads, CMO, or senior content strategists
  • Limit to 2-3 trusted administrators
  • Document changes in shared team notes
  • Review Administrator activity quarterly

When to Use Admin:

  • Managing content team (inviting/removing users)
  • Creating and modifying components
  • Configuring webhooks for builds
  • Managing Visual Editor settings
  • Setting up content structures

Common Administrator Tasks:

  1. Create Component:

    • Components → Create new
    • Define schema fields
    • Configure field types
    • Save component

  2. Invite Collaborator:

    • Settings → Collaborators → Invite collaborator
    • Enter email and select role
    • Send invitation

  3. Configure Webhook:

    • Settings → Webhooks → Create webhook
    • Name: "Build Production Site"
    • URL: Deployment webhook URL
    • Triggers: Select events
    • Save

Editor

Editors create and manage content but cannot modify space structure or settings.

Core Permissions:

  • Create, edit, and publish stories
  • Delete own drafts
  • Upload and manage assets in Asset Library
  • Create and manage folders (if enabled)
  • Preview content
  • Access all components (use in content, not modify)
  • Collaborate on stories
  • Translate content (if multilingual)

Access to:

  • Stories (create, edit, publish, delete drafts)
  • Asset Library (upload, organize, delete)
  • Folders (create, manage)
  • Preview functionality
  • Content calendar (if enabled)

Cannot Access:

  • Settings menu (any section)
  • Component creation or modification
  • User management
  • Webhooks or integrations
  • API token creation
  • Billing or ownership
  • Space settings
  • Schema modification

Limitations:

  • Cannot modify component structure
  • Cannot invite or remove users
  • Cannot access space settings
  • Cannot create webhooks
  • May not delete published content (depends on space configuration)

Best Practices:

  • Assign to content creators, writers, marketers
  • Ideal for day-to-day content management
  • Editors should understand component usage
  • Monitor Editor actions via Storyblok activity log

When to Use Editor:

  • Creating blog posts, pages, and content
  • Managing media assets
  • Publishing content to website
  • Collaborating on content with team
  • Working within established components

Editor Workflow Example:

  1. Create new story
  2. Select content type (e.g., Blog Post)
  3. Add components to story
  4. Fill in component fields
  5. Preview content
  6. Publish or save as draft

Developer

Developers have technical access to components, schemas, and integrations without full admin rights.

Core Permissions:

  • Create and modify components
  • Edit schemas and field types
  • Access Visual Editor configuration
  • Create and manage blocks
  • Access API documentation
  • Configure field plugins
  • Test webhooks and integrations

Access to:

  • Components (create, edit, delete)
  • Schemas (modify field types)
  • Visual Editor (configure)
  • API documentation
  • Datasources (manage)

Cannot Access:

  • User management
  • Billing
  • Space deletion
  • Collaborator invitations
  • Some space settings

Limitations:

  • Cannot invite or remove users
  • Cannot access billing
  • Cannot modify space-level settings
  • Limited access to collaborator management

Best Practices:

  • Assign to front-end developers
  • Ideal for component development
  • Developers should coordinate with Admins on space settings

When to Use Developer:

  • Building components and blocks
  • Configuring schemas
  • Testing integrations
  • Implementing field plugins
  • API development and testing

Viewer (Read-Only)

Viewers have read-only access to content and assets.

Core Permissions:

  • View stories
  • View Asset Library
  • Preview content
  • Access Visual Editor (view only)

Access to:

  • Stories (read-only)
  • Asset Library (view-only)
  • Preview functionality

Cannot Access:

  • Any write operations
  • Settings or configuration
  • User management
  • Component modification
  • Publishing

Limitations:

  • Cannot create, edit, or delete
  • Cannot upload assets
  • Cannot publish content
  • No access to settings

When to Use Viewer:

  • Stakeholders needing visibility
  • External reviewers
  • Clients reviewing content
  • New team members during onboarding

Component and Schema Permissions

Who Can Create Components

  • Owner: Yes
  • Admin: Yes
  • Developer: Yes
  • Editor: No
  • Viewer: No

Who Can Modify Schemas

  • Owner: Yes
  • Admin: Yes
  • Developer: Yes
  • Editor: No (can use components, not modify)
  • Viewer: No

Who Can Delete Components

  • Owner: Yes
  • Admin: Yes
  • Developer: Yes (with caution)
  • Editor: No
  • Viewer: No

Important: Deleting a component affects all stories using it.

Visual Editor Permissions

Who Can Configure Visual Editor

  • Owner: Yes
  • Admin: Yes
  • Developer: Yes
  • Editor: No
  • Viewer: No

Who Can Use Visual Editor

  • Owner: Yes
  • Admin: Yes
  • Developer: Yes
  • Editor: Yes
  • Viewer: Yes (view-only)

Asset Library Permissions

Who Can Upload Assets

  • Owner: Yes
  • Admin: Yes
  • Developer: Yes
  • Editor: Yes
  • Viewer: No

Who Can Delete Assets

  • Owner: Yes
  • Admin: Yes
  • Developer: Yes
  • Editor: Yes (own uploads)
  • Viewer: No

Webhook and Integration Permissions

Who Can Create Webhooks

  • Owner: Yes
  • Admin: Yes
  • Developer: No (can test)
  • Editor: No
  • Viewer: No

Who Can Configure Integrations

  • Owner: Yes
  • Admin: Yes
  • Developer: Partial (API testing)
  • Editor: No
  • Viewer: No

Permission Matrix

Permission Owner Admin Developer Editor Viewer
Content Management
Create stories
Edit all stories
Publish stories
Delete stories Drafts
Asset Library
Upload assets
Delete assets
Components & Schema
Create components
Modify schemas
Delete components
User Management
Invite users
Remove users
Change user roles
Transfer ownership
Settings
Access space settings Limited
Create webhooks
Create API tokens
Billing
Manage billing
Delete space

Role Selection Guidelines

Choose Owner When:

  • Responsible for billing and subscription
  • Managing infrastructure
  • Full accountability for space

Choose Admin When:

  • Managing content team
  • Configuring components and webhooks
  • Not requiring billing access

Choose Developer When:

  • Building components
  • Technical implementation
  • Not managing users

Choose Editor When:

  • Creating content regularly
  • Publishing within established structure
  • Not needing technical access

Choose Viewer When:

  • Read-only access needed
  • Stakeholder visibility
  • No content creation needed

Next Steps

शीर्ष पर वापस जाएँ