- Overview
- Getting Started
- Quick Start Guide
- Core Concepts
- Users
- Models
- Creating a Model
- Model Card
- Creating a Release
- Uploading Files
- Uploading Images
- Model Templating
- Data Cards
- Creating a Data Card
- Managing Data Cards
- Using a Model
- Browsing the Marketplace
- Requesting Access
- Using a Pushed Docker Image
- Downloading Files
- Reviews
- Understanding Reviews
- Reviewing
- Reviewing a Release
- Reviewing an Access Request
- Reviewing a Model Card Lifecycle
- Review Outcomes
- Security Scanning
- File Scanning
- Image Scanning
- Inferencing
- Creating an Inference Service
- Managing Inference Services
- Model Mirroring
- Creating a Mirrored Model
- Editing a Mirrored Model Card
- Untrusted Models
- Untrusted Models
- Deletion
- Deleting a File
- Deleting a Model
- Soft Deletion
- Programmatic Access
- Authentication
- Personal Access Tokens
- Python Client
- OpenAPI Reference
- Webhooks
- Administration
- Getting Started
- Deployment Architecture
- App Configuration
- Model Lifecycle Configuration
- Schemas
- Understanding Schemas
- Create a Schema
- Upload a Schema
- Schema Migrations
- Review Roles
- Managing Review Roles
- Assigning Roles to Schemas
- Federation
- Peer Integration
- Microservices
- Artefact Scanners
- Helm
- Basic Usage
- Configuration
- Isolated Environments
- Migrations
- Bailo v0.4
- Bailo v2.0
- DataBase Scripts
- Reference
- Glossary
- Roles & Permissions
- Troubleshooting & FAQ
Roles and Permissions
Bailo uses two complementary role systems: System Roles that control what actions a user can take on a model, and Review Roles that determine who must approve releases and access requests.
Common questions this page answers:
- What can an Owner do in Bailo?
- What is the difference between system roles and review roles?
- Who can delete a model?
- Who can upload files?
- What is a Model Technical Reviewer (MTR)?
System roles
Every collaborator on a model is assigned one of three system roles that govern day-to-day interactions.
Owner
The Owner has full control over a model. There must be at least one owner on every model.
Owners can:
- Edit the model name, description, and visibility
- Edit the model card
- Manage collaborators (add, remove, change roles)
- Upload and delete files
- Push and delete container images (e.g. Docker images)
- Create, edit, and delete releases
- Create and manage access requests
- Delete the model
- Configure model settings (e.g. ungoverned access, template eligibility)
Contributor
A Contributor can work on the model's content but cannot manage access or delete the model.
Contributors can:
- Edit the model card
- Upload and delete files
- Push container images
- Create releases
Contributors cannot:
- Change model settings or visibility
- Manage collaborators
- Delete the model
Consumer
A Consumer can access the model's artefacts for use, provided they have an approved access request (or the model has ungoverned access enabled).
Consumers can:
- View the model and its model card
- Download files (with approved access request)
- Pull container images (with approved access request)
- Create access requests
Consumers cannot:
- Edit the model card
- Upload files or images
- Create releases
Permission summary
This reference lists every action in Bailo and which roles can perform it.
- View public model - Owner: Yes, Contributor: Yes, Consumer: Yes, Public (no role): Yes
- View private model - Owner: Yes, Contributor: Yes, Consumer: Yes, Public (no role): No
- Edit model card - Owner: Yes, Contributor: Yes, Consumer: No, Public (no role): No
- Edit model settings - Owner: Yes, Contributor: No, Consumer: No, Public (no role): No
- Manage collaborators - Owner: Yes, Contributor: No, Consumer: No, Public (no role): No
- Upload files - Owner: Yes, Contributor: Yes, Consumer: No, Public (no role): No
- Delete files - Owner: Yes, Contributor: Yes, Consumer: No, Public (no role): No
- Push container images - Owner: Yes, Contributor: Yes, Consumer: No, Public (no role): No
- Create releases - Owner: Yes, Contributor: Yes, Consumer: No, Public (no role): No
- Delete releases - Owner: Yes, Contributor: No, Consumer: No, Public (no role): No
- Download files - Owner: Yes, Contributor: Yes, Consumer: With access request, Public (no role): With ungoverned access
- Pull container images - Owner: Yes, Contributor: Yes, Consumer: With access request, Public (no role): With ungoverned access
- Create access requests - Owner: Yes, Contributor: Yes, Consumer: Yes, Public (no role): No
- Delete model - Owner: Yes, Contributor: No, Consumer: No, Public (no role): No
Review roles
Review roles are created by administrators and attached to schemas. Unlike system roles, review roles are not fixed - your organisation can define whatever roles make sense for your governance process.
How review roles work
- An administrator creates review roles (e.g. "Model Technical Reviewer", "Model Senior Responsible Officer")
- The administrator attaches these roles to a schema
- When a model uses that schema, the model owner assigns specific people to each review role
- When a release or access request is created, the assigned reviewers are notified
- Each review role must approve before the submission is considered fully approved
Common review roles
While organisations can create any review roles they need, two are commonly used:
- Model Technical Reviewer (MTR): Reviews the technical quality of the model - architecture, training process, evaluation metrics, and fitness for purpose
- Model Senior Responsible Officer (MSRO): Reviews governance and compliance aspects - data handling, ethical considerations, risk assessment, and organisational policies
Review role properties
Each review role has:
- Name - Display name (e.g. "Model Technical Reviewer")
- Short Name - Abbreviated identifier (e.g. "mtr")
- Description - Explanation of the role's purpose
- System Role - The minimum system role needed (owner, contributor, consumer, or none)
- Default Entities - Users or groups automatically assigned to this role on new models
Who can review what?
- Release reviews can be performed by any assigned review role
- Access request reviews are typically restricted to specific review roles (commonly MSRO)
The exact review requirements depend on how your administrator has configured the schemas and review roles.
Entry roles
The collective term for all system roles and review roles.
Assigning roles
All roles on a model are managed from the model's Settings tab:
- Open the model page
- Go to the Settings tab
- Under Access, search for users or groups
- Select the appropriate role(s)
- Save changes
Related pages
- Understanding Reviews - How the review process works
- Managing Review Roles - Creating and configuring review roles (administrators)
- Glossary - Definitions of all Bailo terms
Copyright © Crown Copyright 2026.
