Roles & Permissions
SecureCodingHub uses role-based access control (RBAC) with three distinct roles. Each role has specific permissions within the platform.
Role Overview
Every user in SecureCodingHub is assigned one of three roles:
| Role | Description |
|---|---|
| Platform Admin | Full platform-level access. Can create and manage all organizations, configure SSO/SCIM, and control platform-wide settings. Reserved for the IT/security team. |
| Org Admin | Organization-level administrator. Manages users, teams, assignments, SSO, and SCIM configuration within their organization. Has access to the admin dashboard. |
| Learner | Standard user role for all developers. Completes practice challenges and learn scenarios, tracks personal progress, and earns XP. |
Permissions Matrix
The following table shows which permissions are available to each role:
| Permission | Platform Admin | Org Admin | Learner |
|---|---|---|---|
| View admin dashboard | ✓ | ✓ | ✗ |
| Manage users | ✓ | ✓ | ✗ |
| Create/manage teams | ✓ | ✓ | ✗ |
| Create assignments | ✓ | ✓ | ✗ |
| Configure SSO | ✓ | ✓ | ✗ |
| Configure SCIM | ✓ | ✓ | ✗ |
| Manage SCORM | ✓ | ✓ | ✗ |
| Create organizations | ✓ | ✗ | ✗ |
| Manage all organizations | ✓ | ✗ | ✗ |
| Complete challenges | ✓ | ✓ | ✓ |
| Complete scenarios | ✓ | ✓ | ✓ |
| View own progress | ✓ | ✓ | ✓ |
| Set stack preferences | ✓ | ✓ | ✓ |
Changing Roles
Org Admins can promote learners to Org Admin or demote org admins back to Learner within their organization. Role changes take effect immediately.
The Platform Admin role can only be assigned at the platform level and is not available through the organization admin panel.
Best Practices
Minimize Org Admins
Keep the Org Admin count to 2-3 per organization. This limits the surface area for accidental misconfiguration and keeps audit trails clean.
Learner for Developers
Use the Learner role for all developers. They get full access to training content, progress tracking, and stack preferences without any admin capabilities.