Teams and Access Control
Organize your team with namespaces, role-based access control, and member management on Outpost.
Outpost provides a flexible access control system built around namespaces, teams, and roles. Whether you are working solo or coordinating across a large organization, Outpost gives you fine-grained control over who can access your repositories, services, machines, and jobs.
Namespaces
Every resource on Outpost lives inside a namespace. A namespace is the top-level container that determines ownership and billing scope.
There are two types of namespaces:
| Type | Description |
|---|---|
| Personal | Tied to your individual account. Ideal for personal projects, experiments, and solo workflows. |
| Organization | Shared namespace for teams. Supports multiple members, role-based access, and team billing. |
You can switch between namespaces from the namespace selector in the top-left corner of your dashboard. All resources (repositories, services, machines, jobs) are scoped to the active namespace.
Organization namespaces are the recommended way to collaborate. They provide centralized billing, team management, and audit capabilities that personal namespaces do not.
Creating an Organization
- Navigate to your dashboard and click the namespace selector in the top-left corner.
- Click Create Organization and enter a unique namespace name.
- Choose a plan and confirm. You will be redirected to your new organization dashboard.
Roles and Permissions
Outpost uses a role-based access control (RBAC) model. Each member of an organization is assigned a role that determines what actions they can perform.
| Role | Repositories | Services & Machines | Members & Settings | Billing |
|---|---|---|---|---|
| Owner | Full access | Full access | Full access | Full access |
| Admin | Full access | Full access | Manage members | View only |
| Maintainer | Read / Write / Merge | Read / Write / Start | View only | No access |
| Contributor | Read / Write | Read / Start | No access | No access |
| Reader | Read only | Read only | No access | No access |
Every organization must have at least one Owner. Owners cannot remove themselves unless another Owner exists.
Inviting Members
- Open your organization dashboard and navigate to Settings > Members.
- Click Invite Member and enter the email address of the person you want to invite.
- Select a role from the dropdown. The invitee will receive an email with a link to accept.
- Once accepted, the member appears in your members list with their assigned role.
Pending invitations can be revoked at any time from the Members settings page.
Managing Members
From the Settings > Members page, organization Owners and Admins can:
- Change roles — Click the role badge next to a member to reassign their role.
- Remove members — Click the kebab menu and select Remove to revoke access immediately.
- View activity — See when each member last accessed the organization.
Authentication Methods
Outpost supports multiple authentication methods to secure your account and organization:
| Method | Description |
|---|---|
| Email & Password | Standard credential-based login. |
| WebAuthn / Passkeys | FIDO2-compliant passwordless authentication using biometrics or hardware security keys. |
| Multi-Factor Auth | Add a second factor (TOTP authenticator app) to your account. |
| SAML SSO | Enterprise single sign-on via your identity provider (Okta, Azure AD, etc.). |
Enable MFA on your account for an additional layer of security. Navigate to Settings > Security to set up an authenticator app.
Account Settings
Manage your profile and preferences from Settings > Profile:
- Display name and avatar — Shown across the Outpost interface and in commit history.
- Email addresses — Add and verify multiple email addresses. Set a primary email for notifications.
- Password — Update your account password.
- Connected accounts — Link external accounts for OAuth-based sign-in.
Next Steps
- SSH Keys -- Generate and manage SSH keys for secure repository access and machine connections.
- Access Tokens -- Create personal access tokens for API authentication and CI/CD pipelines.
- Enterprise Features -- Explore SSO, SCIM provisioning, VPC deployments, and more.
Previous → Create a Job
Next SSH Keys →