登录
下载
技能 编程开发 Lokalise 企业访问控制

Lokalise 企业访问控制

v20260311
lokalise-enterprise-rbac
配置 Lokalise 企业版的单点登录、角色权限、项目语言范围及群组,方便团队通过 API 精细管理翻译访问与审计,保障多语言工作流安全。
Lokalise 角色权限 单点登录 企业版 本地化 访问控制 接口 团队管理
获取技能
464 次下载
概览

Lokalise Enterprise RBAC

Overview

Manage fine-grained access to Lokalise translation projects using its built-in role hierarchy.

Prerequisites

  • Lokalise Team or Enterprise plan
  • Admin or Owner role in the Lokalise organization
  • @lokalise/node-api SDK or direct REST API access

Instructions

Step 1: Assign Project Contributors with Language Scoping

import { LokaliseApi } from '@lokalise/node-api';
const lok = new LokaliseApi({ apiKey: process.env.LOKALISE_API_TOKEN! });

// Add a translator restricted to French and Spanish only
await lok.contributors().create('PROJECT_ID', [{
  email: 'translator@agency.com',
  fullname: 'Marie Dupont',
  is_admin: false,
  is_reviewer: false,
  languages: [
    { lang_iso: 'fr', is_writable: true },
    { lang_iso: 'es', is_writable: true },
  ],
}]);

Step 2: Manage Team-Level Roles

set -euo pipefail
# List team members and roles
curl -X GET "https://api.lokalise.com/api2/teams/TEAM_ID/users" \
  -H "X-Api-Token: $LOKALISE_API_TOKEN"

# Change a user from admin to member
curl -X PUT "https://api.lokalise.com/api2/teams/TEAM_ID/users/USER_ID" \
  -H "X-Api-Token: $LOKALISE_API_TOKEN" \
  -d '{"role": "member"}'

Step 3: Configure SSO (Enterprise Only)

In Lokalise Organization Settings > SSO, configure SAML 2.0 with your IdP. Map IdP groups to Lokalise roles:

  • Eng-Localization -> Admin
  • Translators-FR -> Contributor with fr language scope
  • Product-Managers -> Reviewer

Enable "Enforce SSO" to block password-based login for all org members.

Step 4: Set Up Contributor Groups for Bulk Management

set -euo pipefail
# Create a contributor group scoped to specific languages and projects
curl -X POST "https://api.lokalise.com/api2/teams/TEAM_ID/groups" \
  -H "X-Api-Token: $LOKALISE_API_TOKEN" \
  -d '{
    "name": "APAC Translators",
    "is_reviewer": false,
    "is_admin": false,
    "admin_rights": [],
    "languages": [{"lang_iso": "ja", "is_writable": true}, {"lang_iso": "ko", "is_writable": true}]
  }'

Step 5: Audit Access Regularly

// List all contributors across projects and flag over-privileged users
const projects = await lok.projects().list();
for (const proj of projects.items) {
  const contributors = await lok.contributors().list({ project_id: proj.project_id });
  const admins = contributors.items.filter(c => c.is_admin);
  if (admins.length > 3) {
    console.warn(`Project ${proj.name}: ${admins.length} admins (review needed)`);
  }
}

Error Handling

Issue Cause Solution
403 on contributor create Caller lacks Admin role Elevate to Admin or Owner
Translator sees all languages No language scope set Update contributor with explicit languages array
SSO login loop Mismatched ACS URL Verify callback URL matches IdP config exactly
Cannot remove Owner Last owner protection Transfer ownership before removal

Examples

Basic usage: Apply lokalise enterprise rbac to a standard project setup with default configuration options.

Advanced scenario: Customize lokalise enterprise rbac for production environments with multiple constraints and team-specific requirements.

Output

  • Configuration files or code changes applied to the project
  • Validation report confirming correct implementation
  • Summary of changes made and their rationale

Resources

  • Official Lokalise Enterprise Rbac documentation
  • Community best practices and patterns
  • Related skills in this plugin pack
信息
Category 编程开发
Name lokalise-enterprise-rbac
版本 v20260311
大小 4.04KB
Source jeremylongshore/claude-code-plugins-plus-skills
更新时间 2026-03-12
语言
简体中文
English