Team & Permissions

Opseer supports team collaboration with role-based access control. Invite team members to your project, assign roles, and customize permissions per member.

Project types

• Personal — Single-user project. Only you can access it. Good for individual side projects.
• Team — Multi-user project. Invite others to collaborate. Required for any shared access.

You can change a project from Personal to Team at any time in Settings. Changing from Team to Personal requires removing all other members first.

Roles

Opseer uses a three-tier role hierarchy:

Owner

The project creator. Has full access to all features including project deletion, billing, and member management. There is exactly one owner per project. Ownership cannot be transferred.

Admin

Trusted team members with nearly full access. Admins can manage members (invite, remove, change roles), modify settings, and access all features. Admins cannot delete the project or access billing.

Member

Standard team members with read access by default. Members can view stats, data, records, and remote config. Additional permissions can be granted through permission overrides.

Default member permissions

Members receive base permissions plus platform-specific defaults depending on connected integrations:

Base (always)

• stats:read — View stats and charts
• data:read — View data tables
• records:read — View records

When Firebase is connected

• remote_config:read — View Remote Config
• firebase:auth:read — View Firebase Auth users
• firebase:firestore:read — View Firestore
• firebase:functions:read — View Cloud Functions

When Supabase is connected

• supabase:auth:read — View Auth users
• supabase:functions:read — View Edge Functions
• supabase:cron:read — View Cron Jobs

When Neon (Management) is connected

• neon:branch:read — View Neon branches
• neon:compute:read — View compute endpoints
• neon:database:read — View databases · IP Allow · Replication

All permissions

The full permission set organized by category (Neon adds 4 more permissions; total count varies by integration state):

Base permissions

• stats:read / stats:write — Stats and charts
• data:read / data:write — Data tables
• records:read / records:write / records:delete — Records
• settings:manage — Project settings
• members:manage — Team members

Firebase permissions (added when connected)

• push:send — Send push notifications
• remote_config:read / remote_config:write — Remote Config
• firebase:auth:read / firebase:auth:write — Firebase Auth
• firebase:firestore:read / firebase:firestore:write — Firestore
• firebase:functions:read / firebase:functions:write — Cloud Functions

Supabase permissions (added when connected)

• supabase:connect — Connect Supabase via OAuth
• supabase:auth:read / supabase:auth:write — Auth Users
• supabase:functions:read — Edge Functions (read-only)
• supabase:cron:read — Cron Jobs (read-only)

Neon permissions (added when connected)

• neon_mgmt:connect — Connect Neon Management API
• neon:branch:read — Neon branches (read-only)
• neon:compute:read — Compute endpoints (read-only)
• neon:database:read — Databases · IP Allow · Replication (read-only)

Inviting members

Permission overrides

Owners and Admins can customize permissions for individual members beyond the default set. This is done through the permission overrides system.

Member limits

The maximum number of members per project depends on your plan (Owner included):

• Free — Up to 2 members
• Starter ($9/mo) — Up to 2 members
• Plus ($24/mo) — Up to 6 members
• Max ($49/mo) — Up to 20 members

Read-only access

If you downgrade from a paid plan to Free, projects beyond your active project become read-only. Team members can still view data but cannot make changes until the project is set as active or the plan is upgraded.