Access Control Features

Measure provides Role-Based Access Controls (RBAC) to govern access to resources based on predefined roles and their associated permissions. RBAC ensures that users are granted appropriate access to perform their tasks while preventing unauthorized access. Measure provides the following roles out of the box:

This role includes complete READ and WRITE access to all features in the app:

• Dashboard, Customers, Subscriptions, Contracts, Invoices, Payments, Billables, Products, Reports, Integrations, Settings, Developers

This role only includes:

• READ and WRITE access to:

  • Customers, Contracts, Billables, Products, Subscriptions

This role only includes:

• READ access:

  • Subscriptions, Invoices

• READ and WRITE access to: Customers, Contracts, Subscriptions you are the designated owner of, Billables, Products

This role includes:

• READ and WRITE access to:

  • Integrations

• READ access to:

  • Customers, Subscriptions, Invoices, Payments, Billables, Products

This role includes READ access to all features in the app:

• Dashboard, Customers, Subscriptions, Contracts, Invoices, Payments, Billables, Products, Reports, Integrations, Settings, Developers

Measure also allows you to define custom roles and RBAC policies that are appropriate for the needs of your company and application. Just reach out to our support team at [email protected].

All actions performed in Measure are internally logged and can be audited by the Full Admin role. This log contains the following details.

    {
        "company_id": "company_xyz",
        "created_at": "2023-06-01 00:55:10.09358+00",
        "action": "credit.created",
        "action_performed_by_user_id": "user_xyz",
        "reference_type": "credit",
        "reference_id": "credit_abc",
        "additional_data": "...",
    }

All API calls to Measure need to be authenticated with an access token. Please review Authentication under our API reference for more details.