Ability Reference
The complete list of 35 permissions you can grant through roles or groups in MemberPass.
This page is the reference you'll keep open while setting up roles and groups. It lists every permission MemberPass exposes, what it governs, and a plain-English description of what a teammate holding it can do.
How permissions are structured
Every permission has two parts, joined with a colon:
{entity}:{action}- Entity — the thing the permission acts on (e.g.
project,project-access-code). - Action — what you can do with it (e.g.
view,create,delete).
There are 7 entities × 5 actions = 35 permissions in total.
The five actions
| Code | Meaning |
|---|---|
view-any | See the list of all items in this entity (e.g. see every subscription, every plan). |
view | Open a specific item to inspect its details. |
create | Add a new item. |
update | Edit an existing item. |
delete | Remove an item permanently. |
view-any is listing access; view is detail access. In most cases you'll
want a role to have both — but splitting them lets you grant "can see this
specific thing in reports" without granting "can browse all of them".
Permissions by entity
Project (project)
Controls the project itself — the top-level container for a membership.
| Permission | What it lets the member do |
|---|---|
project:view-any | See the list of projects they have any access to. |
project:view | Open and inspect a project's settings and dashboard. |
project:create | Create new projects under your account. |
project:update | Edit a project's name, description, banner, handle, legal URLs, and other settings. |
project:delete | Permanently delete a project and all of its data. |
Project payment method (project-payment-method)
Controls which payment providers (Stripe, PayPal, Razorpay, etc.) are enabled on a project.
| Permission | What it lets the member do |
|---|---|
project-payment-method:view-any | See which payment methods are set up on the project. |
project-payment-method:view | Open a payment method's configuration. |
project-payment-method:create | Add a new payment provider to the project. |
project-payment-method:update | Edit an existing payment method's API keys or settings. |
project-payment-method:delete | Remove a payment provider from the project. |
Project resource (project-resource)
Controls the Telegram channels, groups, and supergroups linked to a project — the things a subscriber actually gets access to.
| Permission | What it lets the member do |
|---|---|
project-resource:view-any | See all linked Telegram resources. |
project-resource:view | Open a specific resource and see its members / status. |
project-resource:create | Link a new Telegram channel / group / supergroup to the project. |
project-resource:update | Edit an existing resource's link or settings. |
project-resource:delete | Unlink a resource from the project. |
Project access code (project-access-code)
Controls promotional / free-access codes that members redeem to get discounted or free subscriptions.
| Permission | What it lets the member do |
|---|---|
project-access-code:view-any | See all access codes and their usage. |
project-access-code:view | Open a code and see redemption history. |
project-access-code:create | Generate new codes (single-use or batch). |
project-access-code:update | Edit an existing code's terms (expiry, plan, etc.). |
project-access-code:delete | Revoke a code. |
Project subscription (project-subscription)
Controls existing subscriptions that members have taken out — the purchases side.
| Permission | What it lets the member do |
|---|---|
project-subscription:view-any | See the list of active, trialling, expired, and one-time subscriptions. |
project-subscription:view | Open a specific subscription to see its payment history and status. |
project-subscription:create | Manually add a subscription for a member (bypass signup flow). |
project-subscription:update | Edit a subscription (e.g. override renewal date, change plan). |
project-subscription:delete | Cancel / remove a subscription. |
Project subscription plan (project-subscription-plan)
Controls the plans you offer — "$9.99/month Premium", "$99 one-time Lifetime", and so on.
| Permission | What it lets the member do |
|---|---|
project-subscription-plan:view-any | See the list of plans. |
project-subscription-plan:view | Open a plan to inspect pricing, trial, features, and billing cycle. |
project-subscription-plan:create | Create new plans. |
project-subscription-plan:update | Edit existing plans (price, trial, availability). |
project-subscription-plan:delete | Delete a plan (won't be offered to new subscribers). |
Project user (project-user)
Controls the members of a project — the end subscribers. Grants access to the member list, search, exports, and manual account actions.
| Permission | What it lets the member do |
|---|---|
project-user:view-any | See the list of all subscribers / members on the project. |
project-user:view | Open a specific member's profile, subscription history, and metadata. |
project-user:create | Manually add a subscriber (no payment required). |
project-user:update | Edit a subscriber's email, metadata, or magic-link status. |
project-user:delete | Remove a subscriber from the project. |
Suggested role templates
You don't have to use these — but they're a solid starting point.
Community Manager
Handles day-to-day member interactions. No billing or plan changes.
project:view-any,project:viewproject-resource:view-any,project-resource:viewproject-subscription:view-any,project-subscription:viewproject-user:view-any,project-user:view,project-user:updateproject-access-code:view-any,project-access-code:view
Billing Admin
Handles plans and payment methods. No member data access.
project:view-any,project:viewproject-payment-method:*(all five actions)project-subscription-plan:*(all five actions)project-subscription:view-any,project-subscription:view
Read-only Auditor
External accountant or consultant — sees everything, changes nothing.
- Every
*:view-anyand*:viewpermission. - None of
create,update,delete.
Full Admin
Trusted deputy who does everything you do.
- All 35 permissions.
- Use sparingly — prefer narrower roles where possible.
Related
- Roles — apply these permissions as named, reusable bundles.
- Groups — layer extra permissions onto specific members.
- Invite members — pick the starting role when adding someone to the team.