Overview

OneSignal allows you to manage user access either at the Organization level (all apps) or at the App level (specific apps). Each user can be assigned a role—Admin, Editor, or Viewer—based on their needs and responsibilities. For example:
  • An analyst who needs to review messaging performance across apps could be an Organization Viewer.
  • A developer or marketer working on one app can be assigned as an App Admin.
For more on how apps and organizations work together, see Apps, orgs, & accounts.

Roles and permissions

Role types

RoleBest forAccess summary
Admin🛠️ Developers, OwnersFull control over settings, messaging, users, integrations, and permissions
Editor📣 Marketers, PMsCan create, edit, and send messages. Can view/export analytics but not change app/org settings
Viewer📊 Analysts, Read-only usersCan view analytics, messages, and templates. Cannot edit or send messages

Permission matrix

PermissionViewerEditorAdmin
Send messages (Journeys, Automations, Webhooks)
Segments
Read-only
Read-only
Data Tags
Read-only
Templates
Read-only
Exporting
Analytics
Read-only
API Key Access
App Usage
2FA / Email / Password change
Auth Key / Delete Key access
App Settings (Integrations, Platform Settings, Roles)
Org Settings (Upgrades, Role Management, SSO, Org-wide 2FA)
✅*
* Org Settings access is limited to users with the Organization Admin role. App-level-only Admins do not have permission to modify organization-level settings such as billing, plan upgrades, SSO, or org-wide 2FA.

Managing team access

You can grant access at either the Organization level (all apps) or App level (specific apps).

Organization-level access

Organization Admins can invite users and assign them roles that apply to all apps in the org. To invite a new team member:
  1. Navigate to Organizations > [Your Organization] > Team Members
  2. Click Invite to Organization
  3. Choose a role: Admin, Editor, or Viewer

Navigate to your Organization

App-level access

App Admins can invite users to a single app. To invite someone to a specific app:
  1. Go to App Settings > Team Members
  2. Click Invite to App
  3. Assign the user a role for that app

Inviting a user to an app


Role availability by plan

Role TypeFree PlanGrowth PlanProfessional PlanEnterprise
Admin
Editor
Viewer
View full pricing and plan features

Update or remove user access

To update a role or remove someone:
  1. Go to your Organization or App settings
  2. Click the Options menu (⋮) next to the user’s name
  3. Select Update Role or Remove

Updating an existing user's role


Best practices

  • Assign the minimum role needed—for example, don’t give full Admin access if View or Edit is enough.
  • 🧠 Use org-level roles for users who need access across many apps (like analysts or leadership).
  • 🔒 Limit API key access to trusted technical users with Admin roles.
  • 🆓 Free plans only support Admins—upgrade to add Viewers and Editors.
Need help?Chat with our Support team or email support@onesignal.comPlease include:
  • Details of the issue you’re experiencing and steps to reproduce if available
  • Your OneSignal App ID
  • The External ID or Subscription ID if applicable
  • The URL to the message you tested in the OneSignal Dashboard if applicable
  • Any relevant logs or error messages
We’re happy to help!