Documentation
Access Control
RBAC roles, permissions, feature entitlements, teams, and scoped API keys.
Syntra Identity provides granular access control. Every API request is checked against permissions and tenant feature entitlements.
System roles
- Owner — full access including feature entitlements
- Admin — manage team and products (except feature toggles)
- Developer — build flows, channels, and integrations
- Operator — send campaigns and manage inbox
- Viewer — read-only across enabled features
- Billing Manager — billing and usage
Feature entitlements
Tenants enable products per workspace: whatsapp, telegram, ussd, push, email, surveys, flows, campaigns, cloud_api, ai_agents, insights, verify, billing, and voice/contact center capabilities.
Teams
Teams scope Inbox conversations and Engage campaigns. Gateway forwards X-Syntra-Teams so services filter rows automatically.
Management APIs
- GET/POST /v1/identity/roles — role catalog and assignments
- GET/PUT /v1/identity/features — tenant feature toggles
- GET/POST /v1/identity/teams — workspace teams and members
- GET/POST /v1/identity/api-keys — create scoped keys
Enterprise workspaces also support SSO (OIDC/SAML), SCIM provisioning, IP allowlists, break-glass access, and audit log export via the console.