Custom Roles

Create your own custom role types for greater control of permissions assigned to users at the Workplace and Project level.

Custom roles allow you to create more fine-grained permission assignments than the default Workplace and Project roles supplied by Doppler so you can better apply the principle of least privilege.

When combined with User Groups and SCIM for automated user provisioning, users can be automatically assigned custom roles at the project and workplace level based on group membership.


Requires an upgraded subscription

This feature is standard on our Enterprise plan or can be added on to an existing Team plan. Explore pricing or book a demo for more details.




Custom Roles are created and managed by navigating to the Doppler dashboard under Team -> Roles.


Roles can be assigned at the Workplace and Project level:

  • Workplace: Permissions include e.g. logs, team management, settings and billing.
  • Project: Permissions include e.g. secrets read/write, project management, project access and config management.


Custom roles are assigned in the same way Doppler's pre-defined roles are.


The default workplace role is assigned when a new user joins a workplace if the user's role is undefined (e.g. if user groups are not used)

Workplace Level

Navigate to the dashboard Team page and click on the Users tab to assign a specific role to user:


Project Level

Navigate to Members in the Project sub-menu menu to assign permissions at the Project level.