Role-Based Access Control with Team Management Permissions
Complete role-based access control is here. Global Administrators manage the system, Team Administrators control their teams, and users get exactly the permissions they need - including full team member management and MCP catalog access controls.
DeployStack now features comprehensive role-based access control that governs everything from system administration to team member management. The system supports four key roles: Global Administrators who manage the entire installation, Global Users who create and manage their own teams, Team Administrators with full control over team resources and membership, and Team Users who participate in team activities.
Team Administrators gain powerful member management capabilities - add up to 3 members per team, promote users to admin status, remove team members, and even transfer ownership when needed. Your default personal team remains protected and private, while additional teams support full collaboration. Global Administrators maintain oversight with read-only access to all teams for support and administrative purposes, though they cannot view actual credential values for security.
The MCP Catalog permissions align with your role perfectly. Global Admins manage community-wide servers and categories, Team Admins create and manage their team's private servers, while users browse and deploy from available servers based on their access level. Every action from creating teams to managing deployments follows the principle of least privilege - users get exactly the permissions they need, nothing more. This creates a secure, organized environment where solo developers and collaborative teams work efficiently without compromising security or stepping on each other's toes.