Team and permissions

Invite team members, assign organization roles (Owner / Administrator / User), configure per-app permissions, and use role templates for fast setup.

The Team and permissions page is where you invite colleagues into your Apphud organization, set their organization role, and (for Users) configure exactly which apps they can access and what they can do inside each app.

Apphud uses two independent layers of permissions:

LayerWhat it controlsWho it applies to
Organization roleAccount-level capabilities — whether user has acces to billing, team management, app creation, etc.Every member is assigned with one of three roles - Owner (just one per organization), Admin, or User
App permissionsWhat the member can see and do inside a specific app — analytics, experiments, rules, integrations, data export, etc.Members with the User organization role only
📘

Who can manage the team?

Only Owner and Administrator can invite, edit, or remove team members.
Members with the User role don't see the Team and permissions page at all.

Apphud - Team and permissions page — Team tab

How to open

Click your profile avatar (top-right) → Team and permissions.

The page has two tabs:

  • Team — active members.
  • Sent invitations — pending invites you can Resend or Revoke.

Above the table: search by name or email, and the Add member + button.
A counter under the title shows seat usage — e.g., 9 out of 10 members added — based on your plan's seat limit (including the Owner).

Organization roles

Apphud has three organization-level roles. Each controls account-wide capabilities that apply across all apps.

Owner

The Owner has the highest level of access. Every organization has exactly one Owner.

  • Full account-level access.
  • Only role that can transfer organization ownership to another member, transfer apps to another organization, or remove apps.
  • Cannot be removed by anyone else — the role only changes via Organization settings → Transfer ownership.

Administrator (Admin)

Admins have access to most account-level features except ownership transfer and app removal.

  • Access to all account-level features: Organization settings, Plans and billing, and Team and permissions.
  • Automatic full access to every app in the organization — existing and any new ones added later. App permissions are not configurable for Admins.
  • Can create new apps, invite new members (User or Admin), edit other members' rights, and remove members with User or Admin role.
  • Cannot transfer the organization, cannot transfer or remove apps, cannot remove the Owner.

User

The most restrictive role. Users only see what they've been granted access to.

  • No access to organization settings, billing, user management, or app transfer/removal.
  • No Organization settings or Team and permissions items in the top profile menu.
  • Per-app permissions are explicit and required — until you grant access to at least one app, the user has nothing to work with.
  • In the app picker, Users see only apps where they have any access (Full or Limited).

Capability matrix

CapabilityOwnerAdministratorUser
Transfer organization ownership
Transfer apps to another organization
Remove apps (and all associated data)
View Organization settings page
Edit Organization settings (name, business address)
Edit billing — plan, credit card, billing address
Create new apps
View Team and permissions page
Add new members
Edit other members' rights✓ (except Owner)
Remove members with User role
Remove members with Administrator role
Remove the Owner
Revoke / resend invitations
Automatic full access to every app— (configured per app)

App permissions (User role only)

When you invite or edit someone with the User role, you assign per-app permissions.

First you need to select a list of apps the user will have access to.

App permissions are organized into eight categories — each can be set independently for each app via the Edit permissions dialog.

General access-level meaning:

  • Full access — view, edit, create, and delete in this category.
  • Read only — view all data and configuration; create / edit / delete actions are hidden.
  • No access — the category is hidden from the left menu entirely; direct links return a permission error.

The categories below list the specific access levels available for each — not every category supports Read only.

Apphud - New Team member addition

Mission control, Product hub, and Audiences

Covers: Mission control (Targetings, Placements, Paywalls, Screens), Product hub (Permission Groups, Products), Audiences, User Properties, and the individual User Page.

Access levels:

  • Full access — full control over monetization configuration: create/edit targetings, paywalls, products, audiences; open any user.
  • Read only — see all the above but cannot create or edit anything.
  • No access — entire section hidden from the menu.

Analytics and Dashboards

Covers: Dashboard, Reports (every chart), Paywall analytics.

Access levels:

  • Full access — view and configure all reports and dashboards.
  • New Users and Active Users only — sees only the New Users and Active Users reports; all other reports hidden.
  • Read only — view all reports and dashboards; can't change their configuration.
  • No access — Analytics, Dashboard, and Paywall analytics hidden from the menu.

Chart export (CSV) is available to anyone with Analytics access — it's part of Analytics, not the separate Data export category below.

A/B tests

Covers: A/B tests / Experiments — create, configure, launch, stop, and analyze experiments.

Access levels:

  • Full access — create / edit / stop experiments and view results.
  • Read only — view configured experiments and their results; cannot create, edit, or stop.
  • No access — A/B tests hidden from the menu.

Rules

Covers: Rules — automation triggers and actions (e.g., Win-back, Customer Insights).

Access levels:

  • Full access — create / edit / pause / delete rules.
  • Read only — view rules and their run history; no edits.
  • No access — Rules hidden from the menu.

Events

Covers: the Events page — filtering, inspecting individual events, reviewing integration delivery status.

Access levels:

  • Full access — view the Events page and all event details.
  • No access — Events hidden from the menu.
📘

No Read-only level

Events is inherently a viewing surface (you can't edit events from this UI), so it has only Full access / No access. To restrict what can be done with the event data (export to CSV), use Data export below.

Integrations

Covers: Integrations — third-party connections (AppsFlyer, Branch, Amplitude, etc.), daily exports (S3 / GCS), server-to-server webhooks, Customers API.

Access levels:

  • Full access — add / edit / remove connections, manage credentials, configure event selectors.
  • Read only — view configured integrations and their delivery logs; no edits.
  • No access — Integrations hidden from the menu.

App settings

Covers: app keys, App Store credentials, Google Play credentials, Server notifications, Push setup, Customizations, and other app-level configuration.

Access levels:

  • Full access — edit all app settings, rotate credentials, change customization values.
  • Read only — view settings (credential values may be masked); no edits.
  • No access — App settings hidden from the menu.

Data export

Covers: row-level CSV export from the Events and Users (Audiences) pages.

Access levels:

  • Full access — Export CSV buttons appear on the Events and Users pages.
  • No access — Export buttons hidden.
📘

Detailed data export is separate from chart export

This category gates row-level CSVs from Events and Users only. It does not affect chart export from Analytics — anyone with Analytics and Dashboards access (Full or Read only) can export individual charts as CSV from the chart toolbar.

Owner and Administrator always have full export rights everywhere.

Role templates

When you assign per-app permissions, you can pick a role template to fill in all eight categories at once. Templates are presets — after applying one you can still tweak individual categories before saving.

The Edit permissions dialog shows seven tabs at the top:

  • Full access — every category set to Full access. The User-tier equivalent of an "app admin".
  • Developer - see the matrix below
  • UA manager - see the matrix below
  • Marketing manager - see the matrix below
  • Support manager - see the matrix below
  • Viewer (read-only) — every category set to Read only where supported. Events and Data export (which have no Read-only level) are set to Full access.
  • No access — every category set to No access. Use to fully revoke access to an app without removing the member from the organization.

Preset matrix

Full access and No access set every category to that one level, so they're not shown here.

CategoryDeveloperUA managerMarketing managerSupport managerViewer (read-only)
Mission control, Product hub, and AudiencesFull accessNo accessRead onlyRead onlyRead only
Analytics and DashboardsNo accessNew Users and Active Users onlyFull accessNo accessRead only
A/B testsNo accessNo accessNo accessNo accessRead only
RulesNo accessNo accessNo accessNo accessRead only
EventsFull accessNo accessFull accessFull accessFull access
IntegrationsFull accessNo accessRead onlyNo accessRead only
App settingsFull accessNo accessNo accessNo accessRead only
Data exportNo accessFull accessFull accessNo accessFull access

Who each template is designed for

  • Developer — engineers integrating the SDK and configuring products/paywalls. Full access to Mission control, Events, Integrations, and App settings; no Analytics, A/B tests, Rules, or Data export.
  • UA manager — user-acquisition. Sees only the New Users and Active Users reports in Analytics, plus full Data export. No other access.
  • Marketing manager — full Analytics, Events, and Data export for performance reporting; read-only Mission control and Integrations. No A/B tests, Rules, or App settings.
  • Support manager — handles user-level tickets. Read-only Mission control (including User Pages) and full Events access; nothing else.

Invite a team member

  1. Open Team and permissionsAdd member +.
  2. Enter one or more work emails, separated by commas — everyone in the list is invited with the same role and app access.
  3. Pick the Team roleAdmin or User.
  4. If you picked User:
    • Open the App(s) dropdown and select one or more apps.
    • For each selected apps group, choose a role template tab or set each category manually → Save.
  5. Click Send invitation.

One invalid email blocks the whole invite

If any address in the comma-separated list is invalid, no one is invited — and the form shows only a generic "Email is invalid", without pointing to which address is wrong. Double-check each email before sending.

The invitee receives a "You've been invited to join the organization" email. Clicking the link opens Apphud — if they don't have an Apphud account yet, registration happens immediately after they accept.

Apphud - team member invitation email
📘

Select an app first

The App permissions section in the Add / Edit member dialog stays blank with a "first select the app" hint until you pick at least one app in the App(s) dropdown.

Invite during app registration

If your plan has unused seats, you can invite team members during the new-app wizard — at the final Permissions step (after the App Store and Google Play setup steps).

  • Pick existing members or invite new ones, and configure their access to the new app right there.
  • People not yet in your organization receive an invitation email; their permissions are pre-applied when they accept.
  • Members already in the organization see the new app in their app list as soon as you finish the wizard.

This is faster than creating the app first and inviting people afterward through Team and permissions.

Edit a team member

In the member's row, open the three-dot menu → Edit team member.

The dialog shows:

  • Work email — locked, cannot be changed.
  • Team role — radio buttons for Admin or User. Switching from User to Admin hides the per-app section (Admins always get full access to every app).
  • App permissions — visible only for User role. Pick apps in the App(s) dropdown, then click Edit permissions per app to set categories.

Click Save to apply. The member's UI updates on their next page load.

Apps access badges

On the Team page, each member's Apps access column shows count badges per access tier so you can scan team access at a glance:

  • Green number — apps where the member has Full access (Full access in every category).
  • Yellow number — apps where the member has Limited access (mix of access levels — at least one Read only or single-category No access).
  • Red number — apps where the member has No access in every category.

Hover a badge to see the list of apps in that tier.

Owner and Administrator show All apps instead — they have automatic full access to every app in the organization, current and future.

Remove a team member

In the row's three-dot menu, click Remove team member → confirm.

  • The member loses access immediately on their next request.
  • The seat is freed.

Self-request for access removal

Members can request to remove themselves from an organization they don't own — typically a former employer's organization. Submit a request to Apphud Support; we verify and remove the access without involving the Owner.

Managing invitations

The Sent invitations tab lists pending invites with Resend and Revoke actions in the three-dot menu.

  • Resend — triggers a new invitation email. The original invite link is replaced.
  • Revoke — invalidates the invite link. The invitee can no longer use it; the seat is freed.

Seats and plan

The number of team members you can have is set by your Apphud plan. The header counter (X out of Y members added) reflects this — Y is your plan's seat limit, including the Owner.

  • Both active members and pending invitations count toward the limit.
  • Premium plans include additional seats — see Pricing.
  • Collaborators access Premium features through the Owner's subscription. They don't need a separate Apphud subscription. However, if a collaborator owns their own Apphud organization, that organization needs its own subscription.

FAQ

Can I add a member who can create new apps but doesn't see existing ones?

No. The ability to create new apps belongs only to Administrator and Owner — and Admins automatically have full access to every existing and future app. There's no role that combines "create apps" with "limited view of current apps". If you need to isolate a teammate to specific apps, use the User role and grant them only the apps they should access; new apps you create later won't appear for them unless you explicitly grant access.

What's the difference between Administrator and a User with Full access to every app?

  • An Administrator sees every current and future app automatically — no per-app configuration.
  • A User with Full access to selected apps sees only those apps. New apps you add later are not auto-shared and must be granted explicitly.

Use Admin for trusted colleagues who should track everything. Use User + Full access for contractors / agency partners who should only see specific apps.

Why can't a User see analytics even after I gave them Full access?

App permissions are configured per app — granting analytics in App A doesn't apply to App B. Open the member's edit dialog and check Edit permissions for the specific app they're viewing.

Why isn't CSV export working for my Marketing manager?

All four named role templates set Data export = No access by default. Open Edit team member → the relevant app's Edit permissions → switch Data export to Full access.

Can a User export charts from Analytics?

Yes — any member with Analytics and Dashboards access (Full or Read only) can export individual charts as CSV from the chart toolbar. The Data export category specifically gates row-level Events and Users CSVs — chart exports are not gated by it.

Can I invite the same email to multiple organizations?

Yes. The same Apphud account can belong to multiple organizations; the user switches between them via the profile menu Switch organization.

Can I invite a team member to multiple apps at once?

Yes. The App(s) dropdown supports multi-select — choose all relevant apps in the Add / Edit member dialog, then configure per-app permissions for each.

Does removing a member free a seat?

Yes — both removing an active member and revoking a pending invitation free a seat on your plan immediately.

Can an Admin remove the Owner?

No. Only ownership transfer (via Organization settings → Transfer ownership) changes the Owner — and only the current Owner can initiate it.

Can two members have the Owner role at the same time?

No. Each organization has exactly one Owner. To hand over ownership, the current Owner uses Organization settings → Transfer ownership, after which they become an Administrator (or are removed, depending on the chosen option).

Do collaborators pay for Premium features?

No. Collaborators access Premium features through the Owner's subscription. If a collaborator also owns their own Apphud organization, that organization needs its own subscription.