---
title: "Airtable enterprise permissions"
slug: "enterprise-permissions"
updated: 2026-03-06T22:49:25Z
published: 2026-03-06T22:49:25Z
---

# Airtable enterprise permissions

| **Plan availability** | All plan types |
| --- | --- |
| **Permissions** | **Admins**: Can perform the actions noted below in workspaces/bases where they are added as collaborators. Otherwise, admins can manage user permissions from the [admin panel](/docs/overview-enterprise-admin-panel). **All users**: Can take various actions in Airtable, detailed below. |
| **Platform(s)** | Web/Browser, Mac app, Windows app, and mobile apps |

## Admin role types

| Action | Super Admin | Org Unit Admin | User Admin | Integration Admin | Brand Admin |
| --- | --- | --- | --- | --- | --- |
| Configure SSO and SCIM for the organization | ✅ |  |  |  |  |
| Full visibility over all users and workspaces org-wide | ✅ |  |  |  |  |
| Visibility into specific org units (where assigned) | ✅ | ✅ |  |  |  |
| Control Airtable licenses | ✅ |  | ✅ |  |  |
| Create new org units | ✅ |  |  |  |  |
| Grant super admin access to other users | ✅ |  |  |  |  |
| Grant org unit admin access | ✅ | ✅ |  |  |  |
| Configure domains and authentication settings | ✅ |  |  |  |  |
| Establish organization-wide security policies | ✅ |  |  |  |  |
| Manage rules for APIs and compliance tools (EKM, DLP, audit logs) | ✅ |  |  |  |  |
| Delete workspaces, bases, and interfaces | ✅ | ✅ |  |  |  |
| Move workspaces between org units | ✅ |  |  |  |  |
| Deactivate user accounts | ✅ |  |  |  |  |
| Sign users out of all sessions | ✅ |  |  |  |  |
| Require users to sign in with SSO | ✅ |  |  |  |  |
| Update user email addresses | ✅ |  |  |  |  |
| Remove users from workspaces, bases, and interfaces | ✅ | ✅ | ✅ |  |  |
| Update user permissions on workspaces, bases, and interfaces | ✅ | ✅ | ✅ |  |  |
| Manage groups and group memberships | ✅ | ✅ | ✅ |  |  |
| Manage integration settings | ✅ |  |  | ✅ |  |
| Configure HyperDB | ✅ | ✅ |  | ✅ |  |
| Manage organization branding settings | ✅ |  |  |  | ✅ |
| Manage organizational resources | ✅ |  |  |  | ✅ |
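
Added example (not Airtable's code): a least-privilege review over the role table above. It finds the narrowest admin role that covers the actions an admin actually needs and flags assignments that are broader or narrower than that. The role grants are transcribed from the table; the function names and the sample assignments are constructed for illustration.

```python
# Grants of the narrower admin roles, transcribed from the "Admin role types"
# table. Super Admin holds every action in that table, so it is the fallback.
SUPER = "Super Admin"
NARROW = {
    "Org Unit Admin": {
        "Visibility into specific org units (where assigned)",
        "Grant org unit admin access",
        "Delete workspaces, bases, and interfaces",
        "Remove users from workspaces, bases, and interfaces",
        "Update user permissions on workspaces, bases, and interfaces",
        "Manage groups and group memberships",
        "Configure HyperDB"},
    "User Admin": {
        "Control Airtable licenses",
        "Remove users from workspaces, bases, and interfaces",
        "Update user permissions on workspaces, bases, and interfaces",
        "Manage groups and group memberships"},
    "Integration Admin": {"Manage integration settings", "Configure HyperDB"},
    "Brand Admin": {"Manage organization branding settings",
                    "Manage organizational resources"},
}

def minimal_roles(needed):
    """Narrowest roles covering `needed`; anything no narrow role grants needs Super Admin."""
    needed = set(needed)
    covering = [r for r, grants in NARROW.items() if needed <= grants]
    if not covering:
        return [SUPER]
    # Keep a role unless another covering role grants a strict subset of it.
    return sorted(r for r in covering
                  if not any(NARROW[o] < NARROW[r] for o in covering))

def review(assignments):
    """Return (user, role, verdict, suggested_roles) for every mismatched admin."""
    findings = []
    for user, role, needed in assignments:
        best = minimal_roles(needed)
        covers = role == SUPER or set(needed) <= NARROW.get(role, set())
        if not covers:
            findings.append((user, role, "insufficient", best))
        elif role not in best:
            findings.append((user, role, "over-privileged", best))
    return findings

# Constructed sample: (user, current role, actions the user actually performs).
SAMPLE = [
    ("alice", SUPER, {"Manage integration settings"}),
    ("bob", "User Admin", {"Control Airtable licenses", "Manage groups and group memberships"}),
    ("carol", "Brand Admin", {"Configure HyperDB"}),
    ("dave", SUPER, {"Deactivate user accounts"}),
]
```

Action names must match the table rows exactly, because any action that no narrower role grants is treated as requiring Super Admin.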

## Admin panel page access by role type

| Page | Super Admin | Org Unit Admin | User Admin | Integration Admin | Brand Admin |
| --- | --- | --- | --- | --- | --- |
| Organization | ✅ |  |  |  |  |
| Users | ✅ | ✅ | ✅ |  |  |
| Roles | ✅ | ✅ |  |  |  |
| Groups | ✅ | ✅ | ✅ |  |  |
| Solutions | ✅ | ✅ |  |  |  |
| Workspaces | ✅ | ✅ | ✅ |  |  |
| Bases | ✅ | ✅ | ✅ |  |  |
| Interfaces | ✅ | ✅ | ✅ |  |  |
| Data sets | ✅ | ✅ |  |  |  |
| HyperDB | ✅ | ✅ |  | ✅ |  |
| Managed apps | ✅ | ✅ |  |  |  |
| Components | ✅ | ✅ |  |  |  |
| Reports | ✅ | ✅ |  |  |  |
| Settings (Security & compliance) | ✅ |  |  |  |  |
| Settings (Integrations & development) | ✅ |  |  | ✅ |  |
| Settings (Org resources) | ✅ |  |  |  | ✅ |

## User types & account categories

| User Type | Description | Key Characteristics |
| --- | --- | --- |
| Internal Users (Members) | Users whose email domain matches one of the organization's verified domains | Auto-join via domain capture; can be assigned to org units; can be granted admin access; subject to org security policies |
| External Users | Users with email domains that do not match the organization's verified domains | Cannot be granted admin access; visible when collaborating on org content; no org unit membership |
| Guest Users | Users not claimed but with matching enterprise domain | Occurs with non-domain-capturing orgs; Enterprise Hub edge cases |
| Deactivated Users | Previously active users who have been deactivated by an administrator | Cannot log into Airtable; retain ownership of bases/workspaces; don't count toward usage limits |

## Seat types (license types)

Enterprise organizations use seat types to categorize users based on their highest access level. Seat types determine billing and control who can upgrade user permissions.

| Seat Type | Billable | Description |
| --- | --- | --- |
| **Editor** | ✅ | User's highest access level causes them to be billable. Can create, edit, and modify content. This includes Owner, Creator, and Editor permissions at the workspace, base, or interface level. |
| **Portal Editor** | ✅ | External users who have access through a portal. Billable category for external collaborators. |
| **Viewer** |  | User's highest access level does not trigger billing. Read-only access to content. Users with Read-only access permissions can be upgraded by workspace or base owners. |
| **Viewer (Restricted)** |  | Can only be upgraded to Editor via an admin user or service account. Provides controlled access with limited upgrade paths. |

## Bulk actions by admin type

> [!CAUTION]
> Note
> 
> [Enterprise Hub](/docs/enterprise-hub-in-airtable) must be enabled to use the actions listed in this section.

| Action | Super Admin (Org Level) | Super Admin (Org Unit Level) | Org Unit Admin |
| --- | --- | --- | --- |
| Sign out of all sessions | ✅ | ✅ |  |
| Add admin access | ✅ | ✅ | ✅ |
| Change seat type | ✅ | ✅ |  |
| Add to an org unit | ✅ |  | ✅ |
| Unassign from org unit | ✅ | ✅ |  |
| Remove access | ✅ | ✅ | ✅ |
| Deactivate | ✅ | ✅ |  |

## Bulk actions without Enterprise Hub enabled

| Action | Admin |
| --- | --- |
| Sign out of all sessions | ✅ |
| Add admin access | ✅ |
| Change seat type | ✅ |
| Remove access | ✅ |
| Deactivate | ✅ |

## Deactivation & access removal

| Action | Effect |
| --- | --- |
| **Deactivate** | User cannot log into Airtable at all. Account is suspended but ownership of bases and workspaces is retained. |
| **Remove Access** | User loses workspace/base privileges but can still log into Airtable and create new workspaces, bases, and interfaces. |

## FAQs

**Can external users be granted admin access?**

No, all admins must be internal collaborators.

**How many licenses does a user need when working across an organization?**

Users need only 1 license for activity across the entire organization.

**Can service accounts be upgraded to super admin access?**

Yes. Service accounts can be upgraded to super admin access.
