Permission scope catalog
Every permission scope Disco Parrot ships, grouped by area, with its danger level and what it lets a holder do. The complete reference behind roles and custom permissions.
A scope is the unit of permission. Every action a person or an agent can take is gated by one, and a role is a bundle of scopes. This page is the complete list: more than 140 scopes, grouped by the area they govern, each one marked with its danger level and a plain description of what it grants. When you are building a custom role and need to know exactly which scope gates an action, or you are reviewing what a role can reach, this is where you confirm it.
The roles and permissions guide explains how scopes work and how to assemble a role; this page is the flat list it points back to. Every entry here is read from the product, so a scope id, its danger level, and its area are the exact values the role editor and the permission check use.
How to read a scope
Every scope shares one shape and carries one danger level, and a few carry a flag worth knowing.
The id. A scope id is lowercase and dot separated, naming a subject and an action. plans.manage is the manage action on plans; audit.export is the export action on the audit log. Some ids qualify the subject further, like secrets.tenant.read or conversations.read.own. The shape is consistent, so once you can read one scope you can read all of them.
The area. Every scope belongs to one of nine areas, which is how this catalog and the role editor group them. The area is a property of the scope, not always a part of its id, so members.read and audit.export both sit in the Tenant area even though neither id begins with the word tenant.
The fastest way to find a scope is to jump to the area that owns it: plans and bugs under Planning, secrets and providers under Platform, members and the audit log under Tenant.
The danger level. Every scope is marked with one of four levels, which the role editor uses to show you the weight of what you are granting.
- low covers reading and self-service. Listing plans, viewing the plan and entitlements, managing your own sessions. The blast radius is small.
- elevated covers privileged writes. Creating and editing records, managing members, running flows, rotating secrets. Most management scopes sit here.
- destructive covers the irreversible. Exactly three scopes carry it: tenant.delete deletes the workspace, members.remove revokes a member's access, and pr.merge merges straight to the default branch. The role editor asks you to confirm these before they go onto a custom role.
- platform-only is operator territory. Exactly one scope carries it, and it can never be granted to a workspace role.
The flags. Three optional markers change how a scope is checked, and the flag reference at the end lists exactly which scopes carry each one.
- A scope that needs an entitlement is inert unless your commercial plan includes it, even when a role grants it.
- A self-only scope acts only on your own records. Your sessions, your notifications, your conversations.
- A resource-scoped scope is checked against a specific project, portfolio, team, or profile rather than the whole workspace, so a grant reaches only the resources you have access to.
The nine areas
Scopes are grouped into nine areas, which is also how the role editor lays them out.
| Area | What it governs |
|---|---|
| Tenant | Workspace identity, members, invitations, domains, roles, the audit log, licensing, and AI spend. |
| Auth | Your own identity: linked logins, sessions, preferences, and the workspaces and invitations addressed to you. |
| Platform | The platform admin surface: AI and repo providers, MCP, SDK configs, skills, sandbox profiles and hosts, secrets, integrations, agent instructions, commands, and docs. |
| Planning | The work itself: initiatives, plans, projects, portfolios, teams, sprints, reports, goals, bugs, test cases, documents, flows, workflows, and PR review. |
| Membership | The per-resource grant tiers for a single team, portfolio, or project. |
| Chat and sandbox | Chat, the sandbox lifecycle and IDE access, sessions, background tasks, and shipping a pull request. |
| Notifications | Your own notifications, watching entities, and test sends. |
| Events | The unified real-time event stream. |
| Operator | Platform-wide operator endpoints, never granted to a workspace role. |
Tenant
Workspace identity, the people in it, and the records that govern it.
| Scope | Danger | What it lets a holder do |
|---|---|---|
| tenant.read | low | View workspace details and settings. |
| tenant.create | low | Create a new workspace. |
| tenant.update | elevated | Rename the workspace and change its settings. |
| tenant.delete | destructive | Permanently destroy the workspace and all its data. |
| members.read | low | List the workspace's members. |
| members.invite | elevated | Create, list, and revoke invitations. |
| members.manage | elevated | Change another member's role assignments. |
| members.remove | destructive | Revoke another member's access. |
| members.leave.own | low | Leave the workspace, for a non-owner. |
| domains.read | low | List the claimed email domains. |
| domains.manage | elevated | Claim, verify, and remove domain claims. |
| roles.read | low | View the built-in and custom role definitions. |
| roles.manage | elevated | Create, edit, and delete custom roles. |
| audit.read | elevated | Read the workspace audit log. |
| audit.export | elevated | Download the audit log. Needs the audit export entitlement. |
| licensing.read | low | View the plan, entitlements, and quotas. |
| ai-spend.read | elevated | View AI usage, spend, and budgets. |
| ai-spend.manage | elevated | Manage AI cost centers, allocations, and budgets. |
| ai-spend.export | elevated | Download AI usage and spend. Needs the AI spend export entitlement. |
Auth
Your own identity and account, always self-only.
| Scope | Danger | What it lets a holder do |
|---|---|---|
| me.identities.manage | low | Link, unlink, and merge your own logins. |
| me.sessions.manage | low | List and revoke your own sessions. |
| me.preferences.manage | low | Update your own profile, notification settings, and preferences. |
| me.tenants.read | low | List your workspaces and switch the active one. |
| me.invitations.read | low | List invitations addressed to you. |
Platform
The admin surface: providers, repositories, MCP, SDK configs, secrets, sandbox profiles and hosts, and the workspace's agent instructions, commands, and docs. The read scopes are low; the manage scopes that change shared configuration are elevated.
| Scope | Danger | What it lets a holder do |
|---|---|---|
| area.platform | low | See and navigate the Platform area. |
| providers.read | low | List the configured AI provider records. |
| providers.health.test | low | Run provider health and connectivity tests. |
| repositories.read | low | List the connected code repositories. |
| repositories.manage | elevated | Connect, edit, and remove code repositories. |
| repo-providers.read | low | List the git provider links. |
| repo-providers.manage | elevated | Configure repo provider credentials and links. |
| mcp.read | low | List the MCP server configurations. |
| mcp.manage | elevated | Create, edit, delete, and test MCP servers. Needs the custom MCP entitlement. |
| mcp.auth.tenant.manage | elevated | Run an OAuth or device-code flow for a workspace-wide MCP credential. |
| mcp.auth.user.manage | low | Manage your own MCP credential. |
| sdk-configs.read | low | List SDK configs and the SDK catalog. |
| sdk-configs.manage | elevated | Create, edit, delete, and test SDK configs. |
| status-skills.read | low | List the status-scoped skill bindings. |
| status-skills.manage | elevated | Bind and unbind status-scoped skills. Needs the skill templates entitlement. |
| sandbox-profiles.read | low | List sandbox profiles and presets. |
| sandbox-profiles.manage | elevated | Create, edit, delete, and test sandbox profiles. |
| sandbox-profile.use | low | Launch a sandbox from a profile. Checked per profile. |
| sandbox-profile.acl.manage | elevated | Edit a profile's allowed users and roles. |
| hosts.read | low | List the bring-your-own sandbox hosts and their status. |
| hosts.manage | elevated | Register, edit, and delete hosts, and download operator bundles. |
| secrets.tenant.read | elevated | List the workspace's secret references. Values are never returned. |
| secrets.tenant.manage | elevated | Create, update, and delete workspace secrets. |
| secrets.user.manage | low | Create, update, and delete your own secrets. |
| integrations.read | low | List the configured integrations. |
| integrations.manage | elevated | Configure, validate, and delete integrations. |
| integrations.user-credential.manage | low | Set and remove your own integration credential. |
| agent-instructions.read | low | View the workspace agent instructions. |
| agent-instructions.manage | elevated | Edit the workspace agent instructions. |
| commands.read | low | View the workspace's command overrides. |
| commands.manage | elevated | Author, edit, and delete command overrides. |
| platform-docs.read | low | View the workspace's platform docs. |
| platform-docs.manage | elevated | Edit and remove the workspace's platform docs. |
| onboarding.read | low | List and view onboarding checklists. |
| onboarding.manage | elevated | Create, analyze, reset, and delete onboarding checklists. |
| notifications.tenant-prefs.manage | elevated | Read and write the workspace's default notification preferences. |
Planning
The work model and everything that acts on it. Project, portfolio, and sprint scopes are checked against the resource you are reaching.
| Scope | Danger | What it lets a holder do |
|---|---|---|
| area.planning | low | See and navigate the Planning area. |
| initiatives.read | low | List and view initiatives. |
| initiatives.manage | elevated | Create, edit, delete, and restore initiatives. |
| initiatives.sync-spec | elevated | Run the spec-sync flow against an initiative's document provider. |
| plans.read | low | List and view plans. |
| plans.manage | elevated | Create, edit, delete, and restore plans. |
| projects.read | low | List and view projects. Checked per project. |
| projects.manage | elevated | Create, edit, delete, and restore projects. Checked per project. |
| projects.members.manage | elevated | Add, remove, and re-role project members, and transfer project ownership. |
| portfolios.read | low | List and view portfolios. Checked per portfolio. |
| portfolios.manage | elevated | Create, edit, archive, delete, and restore portfolios. Checked per portfolio. |
| teams.read | low | List and view teams. |
| teams.manage | elevated | Create, edit, and delete teams. |
| teams.members.manage | elevated | Add, remove, and re-role team members, and transfer team ownership. |
| sprints.read | low | List and view sprints. |
| sprints.manage | elevated | Create, edit, and delete sprints. Checked against the sprint's team. |
| reports.read | low | View reports. |
| reports.manage | elevated | Trigger snapshot capture and manage saved reports. |
| reports.saved.manage | low | Save, rename, and delete your own report dashboards. |
| reports.saved.share | low | Share a saved report dashboard with its teams. |
| dashboards.manage | low | Save, rename, and delete your own multi-panel dashboards. |
| dashboards.share | low | Share a saved dashboard with its teams. |
| goals.read | low | View goals and key results. |
| goals.manage | elevated | Create, edit, and delete goals and key results, and link entities. |
| bugs.read | low | List and view bugs. |
| bugs.manage | elevated | Create, edit, decline, restore, and delete bugs, and run AI triage. |
| test-cases.read | low | List and view test cases. |
| test-cases.manage | elevated | Create, edit, delete, and restore test cases. |
| documents.read | low | List, view, and download documents. |
| documents.manage | elevated | Upload, edit, version, restore, attach, and detach documents. |
| threads.read | low | Read discussion threads on accessible records. |
| threads.manage | low | Start, reply, close, reopen, and retitle discussion threads. |
| doc-providers.read | low | List document providers and browse their files. |
| doc-providers.import | elevated | Import documents from a connected provider. |
| flows.read | low | List flow templates, instances, and schedules. |
| flows.manage | elevated | Create, edit, customize, and delete flow templates. |
| flows.run | elevated | Start, resume, retry, and checkpoint flow instances. |
| flows.cancel.any | elevated | Cancel a running flow regardless of who started it. |
| workflows.read | low | View the status workflow definitions. |
| workflows.manage | elevated | Edit the status workflow definitions. |
| pr-review.read | low | View a plan's pull-request metadata, diffs, and review signals. |
| review-findings.read | low | List PR and plan review findings. |
| review-findings.manage | elevated | Edit, delete, and dispatch fix flows for review findings. |
| doc-proposals.read | low | List documentation-review runs and their proposed edits. |
| doc-proposals.review | elevated | Accept, reject, and apply documentation proposals. |
| link-pr.manage | elevated | Attach a pull request to a plan or bug and update its status. |
Membership
The per-resource grant tiers for a single team, portfolio, or project, each checked against that resource. They stack: view, then contribute, then plan.
| Scope | Danger | What it lets a holder do |
|---|---|---|
| team.view | low | View a team's details and roster. |
| team.contribute | elevated | Comment on and edit a team's existing content. |
| team.plan | elevated | Add and remove team members and edit team settings. |
| portfolio.view | low | View a portfolio's details, projects, and goals. |
| portfolio.contribute | elevated | Comment on and edit a portfolio's existing content. |
| portfolio.plan | elevated | Link and unlink projects and edit portfolio settings. |
| project.view | low | View a project's details, plans, and roster. |
| project.contribute | elevated | Comment on and edit a project's existing content. |
| project.plan | elevated | Create and edit a project's plans, initiatives, and settings. |
Chat and sandbox
Working with the agent, and the sandboxes and pull requests that work produces.
| Scope | Danger | What it lets a holder do |
|---|---|---|
| chat.use | low | Open the chat panel and send messages. |
| chat.background.manage | elevated | Send a chat to the background and resume a backgrounded task. |
| conversations.read.own | low | List and read your own conversations. |
| conversations.manage.own | low | Create, edit, and end your own conversations. |
| conversations.read.any | elevated | Read another member's conversations. |
| saved-answers.manage | low | Save and delete answers from Ask. |
| micro-edit.use | low | Use quick-edit for small AI-assisted file changes. |
| pr.submit | elevated | Open a pull request from sandbox changes. |
| pr.merge | destructive | Merge a branch directly into the default branch. |
| sandbox.read | low | List sandboxes and their status. |
| sandbox.manage | elevated | Pause, destroy, warm, and clean up sandboxes. |
| sandbox.ide.access | elevated | Open an IDE session on a sandbox. |
| sandbox-changes.review | low | Inspect the changed file set in a sandbox. |
| sessions.read | low | List sandbox sessions. |
| sessions.cancel.own | low | Cancel a session you started. |
| sessions.cancel.any | elevated | Cancel any session. |
| tasks.read | low | List and read your own background tasks. |
| tasks.read.any | elevated | List and read any background task. |
| tasks.run | elevated | Start background tasks. |
| tasks.cancel.own | low | Cancel a task you started. |
| tasks.cancel.any | elevated | Cancel any task. |
Notifications
Your own notifications and what you watch.
| Scope | Danger | What it lets a holder do |
|---|---|---|
| notifications.read.own | low | Read your own notifications and mark them seen, read, or archived. |
| notifications.watch.manage | low | Watch and unwatch entities. |
| notifications.test | low | Send a test notification through a configured channel. |
Events
The real-time channel.
| Scope | Danger | What it lets a holder do |
|---|---|---|
| events.stream.read | low | Open the unified event stream for your own real-time updates. |
Operator
The one operator-only scope. It can never be assigned to a workspace role.
| Scope | Danger | What it lets a holder do |
|---|---|---|
| platform.operator | platform-only | Run platform-wide operator endpoints. Held outside the workspace role model. |
Scopes with a flag
Most scopes are plain workspace-wide grants. These carry a flag that changes how they are checked.
Need an entitlement. These four are inert unless your plan includes the matching entitlement, even when a role grants them: audit.export, ai-spend.export, mcp.manage, status-skills.manage.
An entitlement-gated scope on a role is inert until the plan includes the entitlement. The grant is real but does nothing, so a role can list mcp.manage and the holder still cannot manage MCP servers without the custom MCP entitlement.
Act on your own records only. These self-only scopes are satisfied automatically for your own records and reach no one else's: every me.* scope, members.leave.own, mcp.auth.user.manage, secrets.user.manage, integrations.user-credential.manage, conversations.read.own, conversations.manage.own, sessions.cancel.own, tasks.cancel.own, notifications.read.own, notifications.watch.manage, and events.stream.read.
Checked against a resource. These are checked against the specific project, portfolio, team, or profile you are reaching rather than the whole workspace: sandbox-profile.use, projects.read, projects.manage, portfolios.read, portfolios.manage, sprints.manage, and all nine membership scopes (team.*, portfolio.*, project.*). Of these, sandbox-profile.use is the one checked against a list on the profile record itself; the rest are checked against your access to the resource.
One question the catalog answers
A reviewer is handed a custom role called Release Captain and asked a single question: can someone holding it push code straight to the default branch without a pull request? The role lists about forty scopes, and the answer has to come from the catalog, not from trust.
They scan the Chat and sandbox area for the branch-affecting scopes and find three. pr.submit, elevated, opens a pull request from sandbox changes. pr.merge, destructive, merges a branch directly into the default branch, with no review step in between. sandbox.ide.access, elevated, opens an IDE on a sandbox. The Release Captain role carries pr.submit and sandbox.ide.access but not pr.merge. The question is answered: this role can open a pull request and work in a sandbox, but the one scope that bypasses review is absent, and its destructive level is why it stood out on the list in the first place.
That is the catalog working as a review surface. The danger level draws the eye to the scope that matters, the description says exactly what it grants, and a role's reach is a reading of its scope set rather than a judgment call.
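The check rules from the flag reference and the Release Captain reading above, as an added example in Python that is not Disco Parrot's code: it models a permission check that treats an entitlement-gated grant as inert, a self-only scope as reaching only the holder's records, and a resource-scoped scope as a per-resource check, plus the reviewer's shortlist by danger level. The catalog excerpt, the Holder shape and the entitlement label "custom-mcp" are constructed assumptions for illustration.

```python
# Added example, not Disco Parrot's code: a model of the scope rules on this
# page (danger levels, entitlement-gated, self-only and resource-scoped checks)
# over a constructed excerpt of the catalog.
from dataclasses import dataclass

# Constructed excerpt of the catalog: scope id -> danger level.
CATALOG = {
    "pr.submit": "elevated",
    "pr.merge": "destructive",
    "sandbox.ide.access": "elevated",
    "mcp.manage": "elevated",
    "members.remove": "destructive",
    "conversations.read.own": "low",
    "projects.read": "low",
    "sandbox-profile.use": "low",
    "platform.operator": "platform-only",
}
DANGER_RANK = {"low": 0, "elevated": 1, "destructive": 2, "platform-only": 3}

# The three flags from the flag reference (excerpt). The entitlement label
# "custom-mcp" is an assumed name, not a product identifier.
NEEDS_ENTITLEMENT = {"mcp.manage": "custom-mcp"}
SELF_ONLY = {"conversations.read.own"}
RESOURCE_SCOPED = {"projects.read", "sandbox-profile.use"}


@dataclass(frozen=True)
class Holder:
    user_id: str
    scopes: frozenset                   # union of the holder's role scopes
    plan_entitlements: frozenset        # what the workspace's plan includes
    resource_access: frozenset = frozenset()  # resources the holder can reach


def allowed(holder, scope, *, owner_id=None, resource=None, profile_acl=()):
    """True if the holder may take the action gated by `scope` in this context."""
    if scope not in CATALOG:
        raise KeyError(f"unknown scope {scope}")
    if CATALOG[scope] == "platform-only":
        return False  # held outside the workspace role model, never grantable
    if scope not in holder.scopes:
        return False
    needed = NEEDS_ENTITLEMENT.get(scope)
    if needed and needed not in holder.plan_entitlements:
        return False  # the grant is real but inert: the plan lacks the entitlement
    if scope in SELF_ONLY and owner_id != holder.user_id:
        return False  # self-only scopes reach only the holder's own records
    if scope == "sandbox-profile.use":
        return holder.user_id in profile_acl  # checked against the profile's own list
    if scope in RESOURCE_SCOPED:
        return resource in holder.resource_access  # checked against that resource
    return True


def review_role(role_scopes, *, at_least="destructive"):
    """Scopes on a role at or above a danger level, sorted: the reviewer's shortlist."""
    floor = DANGER_RANK[at_least]
    return sorted(s for s in role_scopes if DANGER_RANK[CATALOG[s]] >= floor)


def bypasses_review(role_scopes):
    """The Release Captain question: can the role merge without a pull request?"""
    return "pr.merge" in role_scopes
```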
Why the catalog is shaped this way
The model is legible because there is no hidden layer. Every action the product or an agent can take resolves to one of the scopes on this page, the same scope the route checks and the role editor shows, with no separate rulebook behind it. That is why the catalog can be exhaustive: there is nothing to leave out, because a capability that is not a scope is not a capability. When you read that a role grants bugs.manage and not pr.merge, you know exactly what it can do with a bug and what it cannot do to a branch.
The danger levels are the other half of the design, and they exist so a permission decision is a reading task rather than a guess. A scope marked destructive is destructive whoever holds it, and the role editor surfaces that weight at the moment you grant it rather than leaving you to find out later. The same agent that does your work is bound by the same scopes a person is, so the catalog is not only how you reason about your teammates' access. It is how you reason about the agent's.
For an administrator, this is the working surface behind every custom role. When you are deciding what a role should reach, the scope is the unit you grant, and the danger level is how you weigh it. The built-in roles page shows how the eleven shipped roles draw from this same list.
For a power user, the catalog explains why an action is or is not available to you. A control you cannot see is a scope your roles do not carry, and this page names which one.
For an enterprise reviewer, the value is the completeness. A claim about least privilege is checkable only against a full list of what privilege there is, and this is that list: every gateable action, its blast radius, and whether it is gated by a license, your own ownership, or a single resource.
For a prospect, the takeaway is the shape. A platform that lets agents act on your work has to answer one question: what exactly can act, and on what. A model where every capability is one named, leveled scope answers that with a list you can check, not a reassurance you have to take on faith.
Related pages
- The eleven roles that ship, and the scopes each one draws from this catalog.
- The concept behind scopes, and how to build a custom role.
- The entitlements that gate the four licensed scopes.
- When an action is refused, the scope behind it and how to clear it.