> ## Documentation Index
> Fetch the complete documentation index at: https://flatfileinc-remove-rss-json.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Roles & Permissions

> grant your team and customers access

<Snippet file="shared/dxpbanner.mdx" />

## Administrator Roles

Administrator roles have full access to your accounts, including inviting
additional admins and seeing developer keys.

<Note>
  The `accessToken` provided will remain valid for a duration of 24 hours.
</Note>

| Role          | Details                                                                                                                                                                               |
| ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Administrator | This role is meant for any member of your team who requires full access to the Account.<br /> <br />✓ Can add other administrators <br />✓ Can view secret keys <br />✓ Can view logs |

## Guest Roles

Guest roles receive access via a magic link or a shared link depending on the
[Environment](https://platform.flatfile.com/dashboard) `guestAuthentication`
type. Guests roles can invite other Guests unless you turn off this setting in
the [Guest Sidebar](/learning-center/guides/guest_sidebar).

<Note>
  The `accessToken` provided will remain valid for a duration of 1 hour.
</Note>

### Space Grant

| Role               | Details                                                                                                                                                        |
| ------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Single-Space Guest | This role is meant for a guest who has access to only one Space. Such guests can be invited to additional Spaces at any time.                                  |
| Multi-Space Guest  | This role is meant for a guest who has access to multiple Spaces. They will see a drop-down next to the Space name that enables them to switch between Spaces. |

### Workbook Grant

| Role                  | Details                                                                                    |
| --------------------- | ------------------------------------------------------------------------------------------ |
| Single-Workbook Guest | This role is meant for a guest who should have access to only one Workbook within a Space. |
| Multi-Workbook Guest  | This role is intended for a guest who has access to multiple Workbooks within a Space.     |

<Info>This role can only be configured using code. See code example.</Info>

```js theme={"system"}
const createGuest = await api.guests.create({
  environmentId: "us_env_hVXkXs0b",
  email: "guest@example.com",
  name: "Mr. Guest",
  spaces: [
    {
      id: "us_sp_DrdXetPN",
      workbooks: [
        {
          id: "us_wb_qGZbKwDW",
        },
      ],
    },
  ],
});
```

### Guest Lifecycle

When a guest user is deleted, all their space connections are automatically removed to ensure security. This means:

* The guest loses access to all previously connected spaces
* They cannot regain access to these spaces without being explicitly re-invited

This automatic cleanup ensures that deleted guests cannot retain any access to spaces, even if they are later recreated with the same email address.