Members (User Management)

Manage users across your organization and workspaces and assign them relevant roles.

RudderStack’s user management feature lets you easily collaborate with other members of your organization. It provides different options to manage users and their permissions at the workspace level.

Manage users in organization

RudderStack lets you invite users and assign them relevant user roles within your organization.

Only the Org OwnerAn Org Owner owns the RudderStack organization. and Org AdminAn Org Admin is an invited user with full access to the organization. can invite/remove other members and edit their access policies. The Org Admins can also invite/remove and edit the access policies of other Org Admins. However, no one can edit the access policy or remove an Org Owner.

Invite users

You can invite users to an organization either as Org Admin or Org Member. The following sections detail the steps to invite users with these permissions.

Org Admin

To invite a user with Org Admin permissions:

  1. Go to Settings > Organization. Go to the Members tab and click the Invite member button:
Invite member
  1. Enter the member’s Email address and select Organization Role as admin from the dropdown. You can send multiple invites at once by clicking Add another member. Finally, click Send invite(s) to proceed.
info
The Admin user gets access to all the workspaces within that organization by default.
Set email address and org role
  1. Enter your password to send the invite(s). The user will be automatically added to the organization once they accept the invitation.

Org Member

To invite a user with Org Member permissions:

  1. Go to Settings > Organization. Go to the Members tab and click the Invite member button:
Invite member
  1. Enter the member’s Email address and select Organization Role as member from the dropdown. You can send multiple invites at once by clicking Add another member. Finally, click Send invite(s) to proceed.
Set email address and org role
  1. Click Add workspaces next to the invited user.
Invite member
  1. Select the specific workspace(s) you want to add the user to and click Add workspace(s).
Invite member

The user will be automatically added to the specified workspace(s) once they accept the invitation.

Remove users

To remove a user from the organization, click the meatballs menu next to the user and select Remove member. Enter your password to confirm.

Edit access policy

Edit access policy

  1. In the Members tab, click the meatballs menu next to the user and select Edit access policy:
Edit access policy
  1. Click the edit icon corresponding to the Organization role or the specific workspace for which you want to change the user’s permissions.
Edit access policy
  1. Make the necessary changes, click Save, and enter your password to confirm.
Edit user role to Member

Note that:

  • When you upgrade a user with Member role to Admin, they will automatically get full edit access to all the resources.

  • When you downgrade a user with Admin role to Member, RudderStack resets all access permissions to read-only. You need to manually set the permissions for each resource and click Save to update the access policy.

Manage users in workspaces

RudderStack lets you add/remove users and assign them relevant user roles within your workspaces.

info
Only the RudderStack Cloud Starter, Growth, and Enterprise plans have access to multiple workspaces within an organization.

As the Org OwnerAn Org Owner owns the RudderStack organization. and Org AdminAn Org Admin is an invited user with full access to the organization. have admin access over all the workspaces within an organization, only they can add/remove Org members and edit their access policies for different workspaces.

Add users

You can choose to add an existing Org Member to a specific workspace:

  1. Click the meatballs menu next to the user and select Add workspace(s).
Set email address and org role
  1. Select the workspace(s) you want to add the user to and click Add workspace(s).
Set email address and org role

Remove users

You can remove an Org member from a specific workspace by clicking the workspace next to the user and clicking Remove from workspace, as shown:

Remove user from workspace

Edit access policy

  1. In the Members tab, click the workspace next to the user and select Edit access policy:
Edit access policy
  1. Click the edit icon corresponding to the Organization role or the workspace for which you want to change the user’s permissions.
Edit access policy
  1. Make the necessary changes, click Save, and enter your password to confirm.

Role definitions

Term
LevelDefinition
Organization rolesOrganizationHighest abstraction level that determines if a user has a full access or customized access to specific resources.

Example: Org Owner, Org Admin, Org Member
Resource rolesWorkspacePredefined access to specific resources. A user can have multiple resource roles that grant access to all or some resources.

Example: Connections Admin/Editor/Viewer, Transformations Admin

Role permissions

The following sections detail the access policies set for organization-level and resource-level roles.

warning
All role permissions are packaged differently in RudderStack Cloud plans. See Plan-wise features for more information.

Organization roles

NameAccess policy
Org AdminFull organization access.
Org MemberDependent on resource roles.

Resource roles

Connections

NameWhat user can doWhat user cannot do
Admin
  • Create and delete sources and destinations.
  • Create and delete models.
  • Connect and disconnect sources from destinations.
  • Edit source and destination configurations.
  • Connect or disconnect transformations.
  • Connect or disconnect models.
  • Link or unlink tracking plans.
  • CRUD operations on any resource for which there is no specific role (for example, Audience, Profiles).
-
Editor
  • Connect and disconnect sources from destinations.
  • Edit source and destination configurations.
  • Connect or disconnect transformations.
  • Connect or disconnect models.
  • Link or unlink tracking plans.
Create and delete sources and destinations.
ViewerRead-only access.Create, edit, or delete anything.

Transformations and Library

NameWhat user can doWhat user cannot do
Grant edit accessCreate, edit, or delete transformations/libraries.Connect and disconnect transformations/libraries.

Plan-wise features

FeatureFreeStarter/GrowthEnterprise
Organization roles
  • Org Admin
  • Org Member
  • Org Admin
  • Org Member
  • Org Admin
  • Org Member
Resource rolesNone
Assign user access to PIINoNoYes
info

Summary:

  • All RudderStack Cloud plans have these organization roles - Org Owner, Org Admin, and Org Member.
  • RudderStack Cloud’s Free plan does not have any granular, resource-level roles. It only has following roles:
    • Org Owner/Org Admin: Full organization access.
    • Org Member: View-only access.
  • Resource roles are available in paid plans and they expand by tier.
  • The PII controls feature is available only in the Enterprise plan.

Member limit

PlanMember limit
Free10
Starter10
GrowthUnlimited
EnterpriseUnlimited

Migration and mapping

If you have added users to your organization with the previous role permissions, RudderStack will automatically migrate them into the new roles and map the granular resource-level permissions as applicable.

Previous organization roleNew organization roleNew resource roles
AdminOrg AdminNot applicable, full access already.
Read-Write
  • Free plan: Org Member
  • Paid plans: Org Member
See Plan-wise features for more information.
Read-OnlyOrg MemberNone – view-only access by default.

Questions? Contact us by email or on Slack