# Manage access Depending on your plan and [role](/docs-legacy/people/roles-permissions), people with the `Owner` role for an organization (or `Admin` role on a project) can control access to Reference. ## Set up access to Reference 1. Log in to your organization in Workflows, and select **Reference**. 2. From the Reference page, select the Reference for which you want to set up access control. The **Overview** page is displayed. 3. Select the **Settings** tab to view the Reference settings. 4. On the **Settings** page, from the left, select **Manage access**. The *Manage Access* page displays the following information: - **Docs access**: Displays the current access assigned for Production and Preview docs. To manage docs access, select **Manage**, which allows you to set access controls on preview and production builds. - **Base role**: You can set base permissions that apply to all members of an organization when accessing any of the organization's projects. By default, members of an organization have `Maintain` permissions to the organization's projects. To change the base role assigned to members, select **Manage**. - **Direct access**: Displays who outside your organization has access to your projects. You can invite a member (not currently part of your organization) to collaborate on your projects. - **Manage direct access**: You can use this section to select, remove or edit collaborators or teams for the selected project. ### Manage docs access Single sign-on (SSO) Pro and Enterprise customers can use SSO with either an OIDC or SAML2 connected identity provider. Using SSO enables anyone with an account on their identity provider to read the docs. You can control access to both the production and the preview environments separately. Before you can set access control for your docs, you need to set up your identity providers. For more information on how to do this, refer to the [Configuring multiple identity providers (IdPs)](/docs-legacy/settings/identity-providers) topic. To set docs access (for either Production or Previews), - Select **Manage** (for either Production or Previews). The *Manage docs access* dialog displays. - Select **Protected** and tick **SSO login**. - From the identity provider dropdown, select the identity provider you have set up to protect your Production docs. ![Select IDP SSO](/assets/access-sso-prod.f90df8b4a0acfba318b9105a28a7f375f980f69bccf8f9d687e09f30fca19068.b5594a6c.png) - Select **Save** to save your settings. ### Manage project access Using the project access section, you can manage base role or direct access to Reference projects. To set up the base role, under the **Base role**, select **Manage**. The *Settings > Access control* page displays. For more information, refer to the [Access control](/docs-legacy/settings/access-control) topic. ### Use HTTP Basic authentication Instead of using the Redocly login or the SSO login, you can use HTTP Basic auth to set up basic username and passwords to restrict access to the docs. This is only available on docs projects (not snapshots). It is recommended to prevent spiders, or when you need to share a preview with someone outside of your organization. Warning Basic auth is not secure, so we recommend choosing the SSO login for the most secure access control. ## Manage collaborators People with the `Owner` role for an organization (or `Admin` role on a project) can add outside collaborators to a project, unless an organization `Owner` has restricted the ability to invite collaborators. For more information, refer to the [Roles and permissions](/docs-legacy/people/roles-permissions) topic. When you select a collaborator or a team, they get direct access to the selected project (either Reference or Portals). When you select a team for collaboration, all users that are part of the team automatically become collaborators on the selected project unless they have a lower role such as `Read` or `Triage`. A person's base role overrides any team roles. 1. Under the **Manage access** section, select **Select a Collaborator/Team**. ![Select a collaborator](/assets/select-collaborator.aa26cb0cb61e26939b560d41648eeb8a1eee05c7ff4e8f109eeb4fb08df7a439.b5594a6c.png) 2. From the dropdown, search by name or email to select a collaborator/team. If a member or team does not display in the dropdown, you can add a new member or team from this dialog. You are redirected to the **Users** or **Teams** page as selected. 1. Select the project-level role you want to assign to the collaborator/team, and select **Save**. ![Select a collaborator role](/assets/select-collaborator-role.fc1b1301369041193d3f0fa862911fb834d58143c057d7b9d7aa34c647c9ae9a.b5594a6c.png) For more information, refer to our [Project-level roles](/docs-legacy/people/roles-permissions#project-level-roles) topic. - The member details are now displayed in the **Manage access** section. - The **Direct access** tile is updated to display the number of people who have direct access to the selected project. ![Updated collaborator details](/assets/project-direct-access.4feee95543c679eef5ea4f3d6bc3bf6e09477f8e8e48b95c4d7605f4dfd9252d.b5594a6c.png) ### Add a collaborator not currently in your organization If you want to add a collaborator who is not currently a part of your organization, you need to **add/invite a new member to your organization**. Once they have accepted your invitation and logged in using the invitation link, you can add them as a collaborator, and assign them a relevant project-level role. To invite a new member to your organization, see the [Managing access to Workflows](/docs-legacy/settings/access-control) topic. ### Update collaborator role People with the `Owner` role for an organization (or `Admin` role on a project) can update a collaborator's role on a project in the **Manage access** section. Under the **Manage direct access** section, select the collaborator whose role you want to update, and under Role, select the role you want to assign to the collaborator. ![Update collaborator role](/assets/update-collaborator-projects.3e6f8e20f1c9b1707e968d1ed2e9b188b2f6c18a7fa3fb11b8f04fdfc6c5e9d6.b5594a6c.png) The collaborator role and permissions are immediately updated for the selected project. ### Delete collaborators from projects People with the `Owner` role for an organization (or `Admin` role on a project) can delete collaborators to a project in the **Manage access** section. 1. Under the **Manage direct access** section, select the collaborator you want to delete, and select the **Delete** icon. A confirmation dialog displays. 2. In the *Remove collaborator* dialog, select **Delete**. - The collaborator details are removed from the **Manage access** section. - The **Direct access** tile is updated to display the number of people who have direct access to the version project.