Team Roles & Permissions
APIVerve Teams uses a role-based access control system. Each team member is assigned a role that determines what they can see and do within your workspace.
Role Overview
There are three roles in APIVerve Teams:
| Role | Can Be Assigned? | Description |
|---|---|---|
| Owner | No (automatic) | The account holder who created and owns the workspace |
| Admin | Yes | Full access to most workspace features except billing |
| Viewer | Yes | Read-only access to view API keys and analytics |
Owner
The Owner is the account that created the workspace. This role cannot be transferred or assigned - it's automatically held by the workspace creator.
Owner Capabilities
- Full access to all workspace features
- Manage subscription and billing
- Invite and remove team members
- Change member roles
- Access all API keys and settings
- View complete analytics and usage history
- Create and manage sub-keys
- Rotate API keys
- Delete the workspace (by closing the account)
The Owner role is tied to the account that created the workspace. To transfer ownership, you would need to export your configuration and have another account recreate it. Consider using Admin roles for collaborators who need extensive access.
Admin
Admins have full operational access to the workspace. They can manage most aspects of the API configuration but cannot access billing or account-level settings.
Admin Capabilities
- API Keys - View, copy, and use all API keys
- Sub-Keys - Create, edit, and delete sub-keys
- Key Rotation - Rotate API keys when needed
- Analytics - Full access to usage analytics and history
- API Playground - Test APIs in the playground
- Settings - Modify API-related settings
- VerveKit - Manage JSONBin, MockServer, Forms, etc.
Admin Restrictions
- Cannot manage billing or subscription
- Cannot invite or remove other team members
- Cannot change other members' roles
- Cannot access account settings (email, password)
Assign the Admin role to developers, technical leads, or anyone who needs to actively work with your APIs - creating sub-keys, rotating credentials, or managing configurations.
Viewer
Viewers have read-only access to the workspace. They can see API keys and analytics but cannot make changes.
Viewer Capabilities
- API Keys - View and copy API keys
- Analytics - View usage analytics and history
- API Playground - Test APIs in the playground
- Documentation - Access API documentation and references
Viewer Restrictions
- Cannot create, edit, or delete sub-keys
- Cannot rotate API keys
- Cannot modify any settings
- Cannot manage VerveKit features
- Cannot access billing or account settings
- Cannot invite or manage team members
Assign the Viewer role to stakeholders, project managers, QA testers, or anyone who needs to see API keys and monitor usage but shouldn't make changes.
Permission Matrix
Complete breakdown of permissions by role:
API & Keys
| Permission | Owner | Admin | Viewer |
|---|---|---|---|
| View API keys | ✓ | ✓ | ✓ |
| Copy API keys | ✓ | ✓ | ✓ |
| Rotate API keys | ✓ | ✓ | ✗ |
| Set key expiration | ✓ | ✓ | ✗ |
| Create sub-keys | ✓ | ✓ | ✗ |
| Edit sub-keys | ✓ | ✓ | ✗ |
| Delete sub-keys | ✓ | ✓ | ✗ |
| Configure key scoping | ✓ | ✓ | ✗ |
Analytics & Monitoring
| Permission | Owner | Admin | Viewer |
|---|---|---|---|
| View usage analytics | ✓ | ✓ | ✓ |
| View usage history | ✓ | ✓ | ✓ |
| View API call logs | ✓ | ✓ | ✓ |
| Export analytics data | ✓ | ✓ | ✗ |
VerveKit Features
| Permission | Owner | Admin | Viewer |
|---|---|---|---|
| Use API Playground | ✓ | ✓ | ✓ |
| Manage JSONBin | ✓ | ✓ | ✗ |
| Manage MockServer | ✓ | ✓ | ✗ |
| Manage Forms | ✓ | ✓ | ✗ |
| Use GraphQL Playground | ✓ | ✓ | ✓ |
Team & Account
| Permission | Owner | Admin | Viewer |
|---|---|---|---|
| Invite team members | ✓ | ✗ | ✗ |
| Remove team members | ✓ | ✗ | ✗ |
| Change member roles | ✓ | ✗ | ✗ |
| View team members | ✓ | ✓ | ✓ |
| Manage billing | ✓ | ✗ | ✗ |
| Change subscription | ✓ | ✗ | ✗ |
| Account settings | ✓ | ✗ | ✗ |
Changing Roles
Only the workspace Owner can change team member roles.
To Change a Member's Role
- Go to Teams in your dashboard
- Find the team member in "My Team"
- Click the role settings icon (user-cog)
- The role will toggle between Admin and Viewer
- Confirm the change
Role changes take effect immediately. The team member's access permissions update right away.
Changing a role doesn't require the team member to log out or take any action. Their permissions update automatically the next time they interact with the dashboard.
Choosing the Right Role
Here's guidance on which role to assign:
Assign Admin When
- The person needs to create or manage sub-keys
- They need to rotate API keys
- They'll be configuring VerveKit features
- They're a developer who needs to make configuration changes
- They're a technical lead responsible for API management
Assign Viewer When
- The person only needs to copy API keys for their projects
- They need to monitor usage but not make changes
- They're in a project management or oversight role
- They're testing APIs but shouldn't modify configuration
- You want to limit the potential for accidental changes
When in doubt, start with Viewer. You can always upgrade someone to Admin later. It's easier to grant more access than to recover from unintended changes.
Go to your Teams dashboard to view and change team member roles.