Each user has a unique user workspaces to manage resources such as pipelines, compute environments, and credentials. You can also create multiple workspaces within an organization context and associate each of these workspaces with dedicated teams of users, while providing a fine-grained access control model for each of the teams.
Organization workspaces extend the functionality of user workspaces by adding the ability to fine-tune access levels for specific members, collaborators, or teams. This is achieved by managing participants in the organization workspaces.
Organizations consist of members, while workspaces consist of participants.
A workspace participant may be a member of the workspace organization or a collaborator within that workspace only. Collaborators count toward the total number of workspace participants. See Usage limits.
Create a new workspace#
Organization owners and admins can create a new workspace within an organization:
- Go to the Workspaces tab of the organization page.
- Select Add Workspace.
- Enter the Name and Full name for the workspace.
- Optionally, add a Description for the workspace.
- Under Visibility, select either Private or Shared. Private visibility means that workspace pipelines are only accessible to workspace participants.
- Select Add.
Optional workspace fields can be modified after workspace creation, either with the Edit option on an organization's workspaces list or the Settings tab within the workspace page, provided that you are the workspace owner.
Edit a workspace#
From version 23.2, workspace owners can edit their workspace name, either from the workspace settings tab or the Admin panel.
Open the Settings tab on the workspace page and select Edit Workspace. Make your updates and select Update to save changes.
Add a new participant#
A new workspace participant can be an existing organization member, team, or collaborator. To add a new participant to a workspace:
- Go to the Participants tab in the workspace menu.
- Select Add participant.
- Enter the Name of the new participant.
- Optionally, update the participant role. For more information on roles, see participant roles.
Organization owners can assign role-based access levels to any participant in an organization workspace.
You can group members and collaborators into teams and apply a role to that team. Members and collaborators inherit the access role of the team.
There are five roles available for every workspace participant:
- Owner: The participant has full permissions for all resources within the workspace, including the workspace settings.
- Admin: The participant has full permissions for resources associated with the workspace. They can create, modify, and delete pipelines, compute environments, actions, and credentials. They can add/remove users to the workspace and edit workspace settings, but cannot delete it.
- Maintain: The participant can launch pipelines and modify pipeline executions (e.g., they can change the pipeline launch compute environments, parameters, pre/post-run scripts, and Nextflow configuration) and create new pipelines in the Launchpad. Users with maintain permissions cannot modify compute environments and credentials.
- Launch: The participant can launch pipelines and modify the pipeline input/output parameters in the Launchpad. They cannot modify the launch configuration or other resources.
- View: The participant can view workspace pipelines and runs in read-only mode.
Workspace run monitoring#
To allow users executing pipelines from the command line to share their runs with a given workspace, see deployment options.