Get Started
Data
Analytics
Session Replay
Experiment
Admin
CDP
SDKs APIs
Partners
Monthly tracked users (MTUs) billing guide Usage reports: Understand how your organization uses Amplitude
The Settings page Change the unit of currency your project uses Set up SCIM provisioning in Amplitude Portfolio: Conduct cross-project analysis in Amplitude Manage organizations and projects Manage permissions at scale with permission groups Manage user privacy notifications in Amplitude Manage users and permissions User roles and permissions in Amplitude Webhooks for custom monitors
Single sign-on (SSO) in Amplitude Set up single sign-on (SSO) for Amplitude using Auth0 Set up single sign-on (SSO) for Amplitude using G Suite Set up single sign-on (SSO) for Amplitude using Microsoft Azure Active Directory Set up single sign-on (SSO) for Amplitude using Okta Set up single sign-on (SSO) for Amplitude using OneLogin
Admin
/

User roles and permissions in Amplitude

This article helps you:

  • Understand the different permissions associated with Amplitude's user roles

User permissions define the level of Amplitude access a user in your organization has. Usually, Amplitued bases permissions on a user's role, though project-level permissions and permission groups are available for Enterprise customers who need the ability to better target levels of security. For more information about permissions in Amplitude Experiment, see App-level user permissions.

Note

You may also find this course on administering Amplitude helpful.

The person who sets user permissions is the admin. The admin is the first user of any Amplitude organization, and each organization must have at least one admin (any admin can designate other users as admins as well). When new users are first invited to an organization, they're assigned the viewer role by default.

In Amplitude, user permissions exist at the organization level. Once assigned a permission level, a user in an organization has the same level of access to all projects within that organization. 

Learn more about how to create and manage organizations and projects.

User roles and permissions in Amplitude

Viewer

Recommended role for third parties, if you don't want them creating content that the rest of the organization can find.

  • Create, edit, and delete undiscoverable dashboards, charts, and behavioral cohorts. Viewers must be the owner of the content to edit and delete it.
  • Co-own undiscoverable content made by another user.
  • View project settings
  • View data sources and data destinations
  • Connect user account to Slack
  • Edit their own profile (name, title, team, password)
  • Edit their own email subscriptions
  • Set custom monitors and subscribe to them
  • Share content they create with others

Note that viewers:

  • Can't create anything that's discoverable, including saved segments
  • Can't create shareable links
  • Can't export data to third-party integration partners

Member

Recommended for the majority of Amplitude users in your organization. Members have all viewer-level permissions, plus:

  • Create discoverable dashboards, charts, behavioral cohorts, and saved segments
  • Mark content as "Official Content"
  • Create custom events
  • Create team spaces
  • Edit releases

Note

Members can't search for undiscoverable content.

Manager

Recommended for users who need access to all content created within Amplitude (doesn't include undiscoverable dashboards and charts) and ability to make changes to project settings. Managers have all member-level permissions, plus:

  • Add and remove users
  • Edit user role (permissions)
  • Create, edit, and delete annotations
  • Visibility of API keys and secret keys in project settings
  • Remove and edit saved segments
  • Create new projects
  • Edit project settings
  • Add and edit data sources and data destinations
  • Transfer ownership of content they don’t own

Admin

The highest-level permissions set in an organization. Amplitude recommends limiting the number of users in an organization who are Admins. Only existing administrators can grant or revoke the Admin role. Admins have all manager-level permissions, plus:

  • Remove shared chart and dashboard links
  • Change sampling settings
  • Create permission groups
  • Delete organization or change organization name and URL (the Admin must submit this request to the Amplitude Support team)
  • Change org Admins

All users

  • Can't change full name of other users
  • Can't change or reset password for other users
  • Can't change their own role in the organization
  • Can't remove themselves from the organization. To do so, request an admin or manager remove you from the organization.
  • Can't permanently delete another user’s content. Admins can archive users content but only owners can delete their content after archiving.
Was this page helpful?

Thanks for your feedback!

May 10th, 2024

Need help? Contact Support

Visit Amplitude.com

Have a look at the Amplitude Blog

Learn more at Amplitude Academy

Terms of Service Privacy Notice Acceptable Use Policy Legal

© 2024 Amplitude, Inc. All rights reserved. Amplitude is a registered trademark of Amplitude, Inc.