When accessing MK.IO, or using MK.IO to manage Beam devices, users are assigned permissions that allow them to securely collaborate and use resources within their organization according to their roles and responsibilities.

Role-based access control (RBAC) is an authorization system that defines permissions based on roles. MK.IO role-based access control helps you manage who has access to MK.IO resources, what they can do with those resources, and what areas they have access to.

Concepts

• Organization: A company or group that uses MK.IO.
• Project: holds resources such as assets, live events and transforms. They are linked to an organization and linked to a subscription or method of payment for billing.
• User: Individual who may have access to multiple teams and organizations. A user's permissions are granted through teams.
• Team: A group of users within an organization. A team is granted permissions on projects and resources.

MK.IO comes with an integrated role-based system designed to be straightforward, allowing for easy onboarding of new collaborators. The first user in the organization is automatically granted Administrators access permissions. The Administrators have full control over the system, including the ability to invite users and create new teams.

Manage teams

Being part of an organization means that you're a member of one or more teams. Project access is granted to users through Teams.

By default, every organization has 2 predefined teams: Administrators and Everyone. However, you can create new ones if you have more advanced needs.

• Members of the Administrators team have full access and administrative rights to all projects. They also have organization-level permissions, such as the ability to view billing information.
• The Everyone team automatically includes all users of the organization. By default, the Everyone team provides users access to all projects, with a permission level set by Administrators: either User or Reader. Optionally, the Everyone team can be configured to have no access.

Create a team

👉

This action is only available to members of the Administrators team.

1. From the profile drop-down menu, in the top right corner, navigate to Organization Settings then select Access Management. From the Teams tab, for each existing team, you can view the associated number of members and the number of projects.
2. If you have the permission, click Create Team, then enter a name and a description.
3. Once created, you can manage the team by clicking on the team name which takes you to the page where you can add users and select the projects and type of access those users have.

Edit the team members

👉

This action is only available to members of the Administrators team, or the relevant Team admins

From the Teams tab, select a team. Users can be added using the Add user button. You can set a user as a Team admin or remove them from the team using the three dot menu on the right of their username.

Edit the projects to which the team has access

👉

This action is only available to members of the Administrators team.

From the Teams tab, select a team. You can add projects to which the team has access in the right-hand pane. You can also select the type of access the team has to each project. The options are "reader" for read-only access and "user" for full access to create and modify objects in the project.

Edit the team details or delete the team

👉

This action is only available to members of the Administrators team.

From the Teams tab, click the 3 vertical dots in the top right corner, then select the appropriate action.