Skip to content
Hawzu Docs
API reference Go to app

System Roles

4 min read

System roles are built-in roles provided by Hawzu. They are available as standard role choices and appear with the System badge on the roles page.

System roles are read-only reference roles. They cannot be edited or deleted from the role details view.

Reserved Platform Role

Section titled “Reserved Platform Role”

Workspace Roles

Section titled “Workspace Roles”

Workspace roles control access across the workspace.

Workspace Owner

Section titled “Workspace Owner”

The Workspace Owner is a protected workspace ownership role with broad control. This role cannot be removed or downgraded by others.

Workspace Manager

Section titled “Workspace Manager”

Workspace Managers are administrators of the workspace. They can manage users, groups, roles, and workspace-level configuration except ownership and deletion. They have full access to every project by default.

Allowed actions

  • Access all projects with full privileges
  • Add or remove users from the workspace
  • Assign and update system roles below Manager
  • Manage custom roles, groups, integrations, and access tokens
  • Create, update, and delete projects
  • View audit logs when available
  • Manage workspace settings
  • Modify project settings for any project
  • Perform project work across projects

Restricted actions

  • Cannot delete the workspace
  • Cannot transfer ownership
  • Cannot change or downgrade the Workspace Owner
  • Cannot remove or modify Workspace Manager peers when restricted by workspace rules

Special rules

  • Does not need a project role to access or participate in any project
  • Always assignable inside any project
  • Has authority across all projects even when not explicitly added

Workspace Coordinator

Section titled “Workspace Coordinator”

Workspace Coordinators are operational leads who help manage project membership and support execution across multiple projects. They do not have access to workspace-level security or administrative settings.

Allowed actions

  • View the project list and access assigned projects
  • Add users to projects they manage when allowed
  • Assign project roles inside projects they belong to
  • Participate fully in assigned projects
  • Create and edit project work based on their project role
  • View the workspace user list when available

Restricted actions

  • Cannot invite or remove users from the workspace
  • Cannot modify workspace system roles
  • Cannot manage integrations, custom roles, or access tokens
  • Cannot delete or modify workspace settings
  • Cannot see workspace-wide audit logs
  • Cannot access projects they are not explicitly added to

Special rules

  • Must have a project role to participate in a project
  • Cannot override Workspace Manager or Owner authority

Workspace Member

Section titled “Workspace Member”

Workspace Members are standard users who can participate in projects they are added to. They do not have workspace-level visibility or administrative access.

Allowed actions

  • Access only projects they are added to
  • Perform actions based on their project role
  • Update their own profile settings
  • View only information related to assigned projects

Restricted actions

  • Cannot see workspace-wide user lists
  • Cannot see groups, roles, custom fields, or integrations
  • Cannot create or delete projects
  • Cannot join projects without invitation
  • Cannot modify workspace settings

Special rules

  • Must have project roles to access project content
  • Keeps a minimal workspace footprint

Workspace Viewer

Section titled “Workspace Viewer”

Workspace Viewers have read-only visibility across the workspace and cannot be assigned to projects or participate in project activity.

Allowed actions

  • View the list of all projects at a high level
  • View workspace users and groups as read-only information
  • View workspace roles as read-only information
  • View global dashboards and summaries
  • View workspace settings as read-only information

Restricted actions

  • Cannot access project content
  • Cannot be assigned a project role
  • Cannot participate in executions or workflow
  • Cannot modify anything
  • Cannot see integrations, tokens, custom fields, or audit logs

Special rules

  • Workspace Viewer can never be added to any project
  • Restricted to observational visibility

Project Roles

Section titled “Project Roles”

Project roles control access inside specific projects.

Project Manager

Section titled “Project Manager”

Project Managers control configuration and activity within specific projects. They can manage project work and team assignments inside the projects they manage.

Allowed actions

  • Manage project roles and membership
  • Manage project settings
  • Create, update, and delete project work
  • Create, update, and delete releases
  • Create, update, and delete test cases, requirements, steps, and parameters
  • Execute and manage runs
  • Manage project-scoped custom fields
  • View reports and analytics
  • Delete items inside the project

Restricted actions

  • Cannot delete the project
  • Cannot bypass workspace-level permissions

Special rules

  • Workspace Manager and Workspace Owner outrank Project Manager

Project Coordinator

Section titled “Project Coordinator”

Project Coordinators help manage project content but do not have destructive or administrative capabilities. They are operational leads inside a project.

Allowed actions

  • Create and update requirements, test cases, defects, parameters, and shared steps
  • Execute test runs
  • Create execution cycles
  • Comment and upload attachments
  • Perform contributor-level actions

Restricted actions

  • Cannot delete major items such as requirements, test cases, or releases
  • Cannot manage project roles or users
  • Cannot change project settings
  • Cannot manage project custom fields or integrations
  • Cannot delete runs or cycles

Project Member

Section titled “Project Member”

Project Members are contributors who participate in testing activity but cannot create structural project work.

Allowed actions

  • Execute test runs
  • Add comments
  • Update test statuses
  • Upload attachments
  • View project work
  • Report defects

Restricted actions

  • Cannot create requirements or test cases
  • Cannot modify structural content
  • Cannot manage project settings
  • Cannot add or remove users
  • Cannot manage releases or custom fields

Project Viewer

Section titled “Project Viewer”

Project Viewers have read-only access to a project. This role is useful for stakeholders or clients who need visibility without participating.

Allowed actions

  • View project work such as test cases, requirements, defects, runs, releases, and reports

Restricted actions

  • Cannot execute runs
  • Cannot comment or upload attachments
  • Cannot create or update anything
  • Cannot delete anything
  • Cannot manage project roles or settings

Next Steps

Section titled “Next Steps”