Restricting project permissions for external users within organisation

(Thomas De Groof) #1

For some client projects, we wish to grant client stakeholders access to the client-specific Stoplight project in our Organisation.

Unfortunately, once a user is added to an Organisation, (s)he has read access to all repositories in that Organisation. Meaning: one client can view the projects of all other ones.

The alternative would be to set up a separate Organisation for these clients, and add our users to this Organisation. But then our users are billed twice.

What is the recommended way to restrict viewing access, while not billing users for 2 organisations?

(Robbins) #2

Hey Thomas,

At the moment there unfortunately isn’t a method for restricting access to repos for organization members. What I would suggest is publishing docs behind some form of authorization and sending your stakeholders there.


(Thomas De Groof) #3

Hi Rob,

Thanks for your reply.

Published docs are not the issue… we want to provide access to the test scenarios and unreleased specification versions.
Any idea on how to tackle this?

(Robbins) #4

Hey Thomas,

It’s unfortunately not a feature we have at the moment but I have let the team know and we will discuss adding it in the future.


(Jelle) #5

Hi Rob,

Could you provide any timeline for this feature? It would be nice if we can collaborate with external stakeholders without giving them full read access to all our (organisation) repos.

Another option is limited read access for a certain team within an organisation.

Kind regards,