We've completely revamped Workspace Permissions. You now have three roles for fine-grained control over permissions on a workspace, and can set a default role for new users.
Admin users have full, unrestricted access to all resources under a Hightouch workspace. They can also manage the Workspace itself, including managing user membership, creating new API keys, setting up External Storage, and configuring integrations with external services (like Slack and PagerDuty).
Editor users have full read and write access to the core Hightouch objects, like Sources, Destinations, Models, Audiences, and Syncs, but are restricted from viewing or editing Workspace-level configuration.
Viewer users have read-only access to all Hightouch objects, excluding Workspace-level configuration.