Overview
OneSignal allows you to manage user access either at the Organization level (all apps) or at the App level (specific apps). Each user can be assigned a roleโAdmin, Editor, or Viewerโbased on their needs and responsibilities. For example:- An analyst who needs to review messaging performance across apps could be an Organization Viewer.
- A developer or marketer working on one app can be assigned as an App Admin.
For more on how apps and organizations work together, see Apps, orgs, & accounts.
Roles and permissions
Role types
| Role | Best for | Access summary |
|---|---|---|
| Admin | ๐ ๏ธ Developers, Owners | Full control over settings, messaging, users, integrations, and permissions |
| Editor | ๐ฃ Marketers, PMs | Can create, edit, and send messages. Can view/export analytics but not change app/org settings |
| Viewer | ๐ Analysts, Read-only users | Can view analytics, messages, and templates. Cannot edit or send messages |
Permission matrix
| Permission | Viewer | Editor | Admin |
|---|---|---|---|
| Send messages (Journeys, Automations, Webhooks) | โ | โ
| โ
|
| Segments | Read-only | Read-only | โ
|
| Data Tags | Read-only | โ
| โ
|
| Templates | Read-only | โ
| โ
|
| Exporting | โ | โ
| โ
|
| Analytics | Read-only | โ
| โ
|
| API Key Access | โ | โ | โ
|
| App Usage | โ
| โ
| โ
|
| 2FA / Email / Password change | โ
| โ
| โ
|
| Auth Key / Delete Key access | โ | โ | โ
|
| App Settings (Integrations, Platform Settings, Roles) | โ | โ | โ
|
| Org Settings (Upgrades, Role Management, SSO, Org-wide 2FA) | โ | โ | โ
* |
* Org Settings access is limited to users with the Organization Admin role. App-level-only Admins do not have permission to modify organization-level settings such as billing, plan upgrades, SSO, or org-wide 2FA.
Managing team access
You can grant access at either the Organization level (all apps) or App level (specific apps).Organization-level access
Organization Admins can invite users and assign them roles that apply to all apps in the org. To invite a new team member:- Navigate to Organizations > [Your Organization] > Team Members
- Click Invite to Organization
- Choose a role: Admin, Editor, or Viewer
Navigate to your Organization
App-level access
App Admins can invite users to a single app. To invite someone to a specific app:- Go to App Settings > Team Members
- Click Invite to App
- Assign the user a role for that app
Inviting a user to an app
Role availability by plan
| Role Type | Free Plan | Growth Plan | Professional Plan | Enterprise |
|---|---|---|---|---|
| Admin | โ | โ | โ | โ |
| Editor | โ | โ | โ | โ |
| Viewer | โ | โ | โ | โ |
Update or remove user access
To update a role or remove someone:- Go to your Organization or App settings
- Click the Options menu (โฎ) next to the userโs name
- Select Update Role or Remove
Updating an existing user's role
Best practices
- โ Assign the minimum role neededโfor example, donโt give full Admin access if View or Edit is enough.
- ๐ง Use org-level roles for users who need access across many apps (like analysts or leadership).
- ๐ Limit API key access to trusted technical users with Admin roles.
- ๐ Free plans only support Adminsโupgrade to add Viewers and Editors.
Need help?Chat with our Support team or email
support@onesignal.comPlease include:- Details of the issue youโre experiencing and steps to reproduce if available
- Your OneSignal App ID
- The External ID or Subscription ID if applicable
- The URL to the message you tested in the OneSignal Dashboard if applicable
- Any relevant logs or error messages