Users, Memberships, Teams, And Roles
Understand how the control plane scopes operational access and why workspace-aware behavior matters throughout the product.
Users, Memberships, Teams, And Roles
Most operational activity in Noderax is workspace-scoped.
Users
Users authenticate into the control plane and can belong to one or more workspaces.
Memberships
A membership ties a user to a workspace with a role. That role determines what the user can see and do inside that workspace.
Teams
Teams provide a structured grouping layer inside a workspace. They are commonly used to route node ownership, operational views, and policy application.
Users are global identities. They sign in once and may carry different roles in different workspaces.
Membership is where day-to-day authorization becomes concrete. It decides who can view, operate, or administer the resources inside a workspace.
Teams are not a replacement for workspace boundaries. They are an internal grouping tool for ownership and operational organization.
Why this matters
The following product areas are all workspace-aware:
- nodes and enrollment
- metrics and events
- notifications
- tasks and package actions
- realtime subscriptions
- agent update targeting
If a page or websocket event looks missing, always verify you are in the expected workspace context first.
Workspace context affects both HTTP reads and websocket delivery. A correct login session with the wrong workspace still produces apparently missing data.
Agent Line And Rollouts
Track the separate operational model for agent releases and understand how it differs from control-plane self-update.
Add Node And Bootstrap Flow
Add a node from the dashboard, run the generated install command, and understand how install progress and final enrollment are reported.