Role-Based Access Control

AB Projects uses a simple, project-scoped role-based access control model. Every member of a project has exactly one of three roles — Owner, Admin, or Member — and that role decides whether they can manage the project or just work in it. Roles are per project: changing someone's role in one project has no effect on any other.

The three roles

  • Owner — the person who created the project (or whoever ownership was transferred to). Full control, plus ownership itself. A project always has at least one Owner, and an Owner can't simply demote themselves — ownership has to be transferred to someone else, which promotes that person and moves the previous Owner down to Member in one step.
  • Admin — project management. An Admin can:
    • Add, remove, and re-role members
    • Link or unlink the connected Microsoft Teams channel
    • Configure the workflow — task statuses, types, and environments
    • Create, edit, and manage tasks
  • Member — the standard working role. A Member can:
    • Create and edit tasks
    • Comment and mention other members
    • Change task status, priority, and assignment
    • View task activity, change history, and deadlines

There is no separate "Editor" or "Viewer" role, and no read-only role — everyone in a project is a working participant. Management actions (members, the Teams link, workflow configuration) are gated to Admin and Owner; everything else is open to all members.

Default role when someone joins

  • When a person joins a project — whether by the automatic Teams-channel sync or a manual invite (see Adding or Removing Members) — they join as a Member.
  • An Owner or Admin can promote them to Admin afterward from the Members tab.

Changing roles

Role changes are made by an Owner or Admin in Project Settings → Members. They take effect immediately and apply only to that project. A few rules are enforced to keep every project safely manageable:

  • A project can't be left without an Admin. You cannot demote the last Admin to Member.
  • Ownership isn't a normal role change. An Owner can't switch their own role directly; instead ownership is transferred to another member, who becomes Owner (or Admin) while the previous Owner becomes a Member.
  • No shortcut to Owner. A Member or Admin can't be promoted straight to Owner — Owner is only set through that ownership transfer.
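
The guardrails above, modelled as an added example (this is not AB Projects' own code). The class and method names are hypothetical, and the last-Admin check counts only members whose role is Admin, which is an assumption about how the product evaluates that rule.

```python
from enum import Enum

class Role(Enum):
    OWNER = "Owner"
    ADMIN = "Admin"
    MEMBER = "Member"

class RoleChangeError(Exception):
    """Raised when a change would break one of the documented guardrails."""

class Project:  # hypothetical model, not the product's implementation
    def __init__(self, owner):
        self.roles = {owner: Role.OWNER}  # the creator is the Owner

    def join(self, user):
        # Teams-channel sync and manual invites both land as Member.
        self.roles.setdefault(user, Role.MEMBER)

    def can_manage(self, user):
        # Management actions are gated to Admin and Owner.
        return self.roles.get(user) in (Role.OWNER, Role.ADMIN)

    def set_role(self, actor, target, new_role):
        if not self.can_manage(actor):
            raise RoleChangeError("only an Owner or Admin may change roles")
        current = self.roles.get(target)
        if current is None:
            raise RoleChangeError("target is not a member of this project")
        # Owner is never set or cleared by a normal role change.
        if Role.OWNER in (current, new_role):
            raise RoleChangeError("use transfer_ownership for the Owner role")
        admins = [u for u, r in self.roles.items() if r is Role.ADMIN]
        # Assumption: "last Admin" counts only members whose role is Admin.
        if current is Role.ADMIN and new_role is Role.MEMBER and admins == [target]:
            raise RoleChangeError("cannot demote the last Admin")
        self.roles[target] = new_role

    def transfer_ownership(self, owner, new_owner):
        if self.roles.get(owner) is not Role.OWNER:
            raise RoleChangeError("only the current Owner can transfer ownership")
        if new_owner == owner or new_owner not in self.roles:
            raise RoleChangeError("new Owner must be another project member")
        # Promote and demote together so the project is never ownerless.
        self.roles[new_owner], self.roles[owner] = Role.OWNER, Role.MEMBER
```
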

Best practices

  • Keep at least two Admins per active project. The system already blocks removing the last Admin, but a second Admin avoids a single point of failure if the Owner is unavailable.
  • Promote a trusted member to Admin so member and workflow changes aren't bottlenecked on the Owner.
  • Review the Members tab periodically — together with the Teams channel roster, which is what drives membership in the first place — so roles and access stay appropriate as the team changes.

With three clear roles, sensible guardrails, and per-project scope, AB Projects keeps responsibility and access easy to reason about without getting in the way of day-to-day work.

Published on 2025-07-07
Last updated on 2026-05-18
Version 5