Skip to main content
Gecko has four built-in roles. Give each person the narrowest role that still lets them do their job.

Roles

Admin

Team owners. Full control of settings, members, roles, identity (SSO/SCIM), repositories, scans, findings, integrations, and API keys.

Manager

Runs the security program day to day: members, repositories, scans, findings, schedules, workflows, rules, and integrations, without owning identity.

Member

Does the work: runs scans and triages findings, but doesn’t manage team configuration, roles, SSO, or integrations.

Read Only

Visibility without mutation, for stakeholders who need to see results and settings but not change them.

Permission matrix

Manage = read and write · View = read only · None = no access.
ResourceAdminManagerMemberRead Only
Team settingsManageViewNoneNone
MembersManageManageNoneNone
RolesManageViewNoneNone
SSO / SCIMManageViewNoneNone
RepositoriesManageManageViewView
ScansManageManageManageView
VulnerabilitiesManageManageManageView
RulesManageManageViewView
SchedulesManageManageManageView
WorkflowsManageManageNoneNone
IntegrationsManageManageNoneNone
API keysManageViewViewView
Audit logNoneViewNoneNone

Invite members

1

Send an invite

In Settings > Members, invite a teammate by email and assign a role.
2

They accept

The invite links to a join page showing your team. After signing in, they accept and land in the workspace.
3

Adjust roles any time

Change a member’s role from the Members page as responsibilities shift.
For larger teams, manage membership and roles automatically through SCIM provisioning instead of inviting people one by one.