diff --git a/docs/hub/enterprise-resource-groups.md b/docs/hub/enterprise-resource-groups.md
index e0ba5419b..92730ef6f 100644
--- a/docs/hub/enterprise-resource-groups.md
+++ b/docs/hub/enterprise-resource-groups.md
@@ -22,7 +22,7 @@ This feature allows organization administrators to:
- Group related repositories together for better organization
- Control member access at a group level rather than individual repository level
-- Assign different permission roles (read, contributor, write, admin) to team members
+- Assign different permission roles (no_access, read, contributor, write, admin) to team members
- Keep private repositories visible only to authorized group members
- Enable multiple teams to work independently within the same organization
- Configure which member roles are allowed to create new resource groups
diff --git a/docs/hub/organizations-security.md b/docs/hub/organizations-security.md
index 60ade02a4..3fe01ec78 100644
--- a/docs/hub/organizations-security.md
+++ b/docs/hub/organizations-security.md
@@ -8,7 +8,9 @@
>
> The Resource Group feature is part of the Team & Enterprise plans.
-Members of organizations can have four different roles: `read`, `contributor`, `write`, or `admin`:
+Members of organizations can have five different roles: `no_access`, `read`, `contributor`, `write`, or `admin`:
+
+- `no_access`: the member belongs to the Organization but has no access to its repositories or settings. Use with [Resource Groups](./security-resource-groups) to grant access to specific repos only.
- `read`: read-only access to the Organization's repos and metadata/settings (eg, the Organization's profile, members list, API token, etc).
diff --git a/docs/hub/programmatic-user-access-control.md b/docs/hub/programmatic-user-access-control.md
index 5ba80abae..5aeba3a72 100644
--- a/docs/hub/programmatic-user-access-control.md
+++ b/docs/hub/programmatic-user-access-control.md
@@ -12,7 +12,7 @@ This guide describes how to manage organization member roles and resource group
## Change member role via API
-You can change a member's **organization role** (Read / Contributor / Write / Admin) and, optionally, their roles in **resource groups** using the Hub API. The API updates **one member per request**. To change roles for multiple members, call the API in a loop (examples below).
+You can change a member's **organization role** (No Access / Read / Contributor / Write / Admin) and, optionally, their roles in **resource groups** using the Hub API. The API updates **one member per request**. To change roles for multiple members, call the API in a loop (examples below).
**OpenAPI reference:** PUT /api/organizations/{name}/members/{username}/role
@@ -50,7 +50,7 @@ Content-Type: application/json
- `org_name`: Organization slug (e.g. `my-org`).
- `username`: Hugging Face **username** of the member whose role you are changing.
- **Body**
- - `role` (required): The member's **organization-level** role. One of: `"read"`, `"contributor"`, `"write"`, or `"admin"`.
+ - `role` (required): The member's **organization-level** role. One of: `"no_access"`, `"read"`, `"contributor"`, `"write"`, or `"admin"`.
- `resourceGroups` (optional): Array of resource group assignments for this user. Each item:
- `id`: Resource group ID (24-character hex string; get IDs from the [resource groups list API](#list-resource-groups)).
- `role`: Role in that resource group: `"read"`, `"contributor"`, `"write"`, or `"admin"`.