# Authentication and access

## Set pre-defined user roles

Determine if Snyk pre-defined roles meet your requirements or if you must create custom roles. Snyk uses role-based access control (RBAC) to manage permissions across the Organization level.

## Review Organization-level roles

{% hint style="success" %}
**Key decision:** Determine if your team leads can operate with the fixed permissions of an Organization Admin or if they require a restricted custom role.
{% endhint %}

Pre-defined roles at these levels have fixed permissions that cannot be modified.

* **Organization Admin**: Allows users to add or delete Projects, override Snyk checks, and provision users. Assign this role to Team Leads.
* **Organization Collaborator**: Grants standard developer access. Use this for small teams or a developer-first rollout.

## Align roles with your Organization structure

{% hint style="success" %}
**Key decision**: Decide who is responsible for provisioning new users as your Snyk footprint grows.
{% endhint %}

Your choice of roles depends on how you structured your Snyk Organizations in the previous steps.

| Structure                 | Typical role assignment                                                          |
| ------------------------- | -------------------------------------------------------------------------------- |
| **Team-based**            | Assign **Organization Admin** to the specific Team Lead for that Organization.   |
| **Product-based**         | Assign developers as **Collaborators** across multiple product Orgs.             |
| **SCM integration-based** | Use custom roles and the Snyk API to automate role assignment during SCM import. |

{% embed url="<https://res.cloudinary.com/snyk/video/upload/v1775661961/2._Setting_Up_Roles_and_Permissions_h69yve.mp4>" %}
Setting up roles and permissions video guide
{% endembed %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.snyk.io/implementation-and-setup/enterprise-implementation-guide/create-a-template-organization/authentication-and-access.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.