StatusDrift provides a flexible permission system that allows you to control team member access at both the organization level and individual group level. This guide explains the available roles and how to assign them effectively.
Understanding the Role Hierarchy
StatusDrift uses a two-tier permission model:
- Organization-level roles – Global permissions that apply across all groups
- Group-level permissions – Granular access to specific monitor groups
Organization-Level Roles
When inviting a new team member, you assign them one of the following organization-level roles:
Admin
Admins have complete control over the StatusDrift account. This includes:
- Full access to all monitors, status pages, and groups
- Ability to manage billing and subscription settings
- Can invite, edit, and remove team members
- Configure organization settings including SAML/SSO
- Access to all integrations and API keys
- Can create and delete groups
Best for: Account owners, IT administrators, and senior team leads who need unrestricted access.
Global Editor
Global Editors can modify resources across all groups but cannot access administrative functions:
- Create, edit, and delete monitors in any group
- Manage status pages and their components
- Configure alert rules and notification channels
- Create and manage incidents
- View all reports and analytics
Cannot: Access billing, manage team members, or configure organization settings.
Best for: DevOps engineers, SREs, and technical leads who manage monitoring across multiple teams.
Global Viewer
Global Viewers have read-only access across the entire organization:
- View all monitors, status pages, and groups
- Access dashboards and reports
- View incident history and response times
- See alert configurations (but not modify them)
Cannot: Create, edit, or delete any resources. Cannot send communications or manage incidents.
Best for: Stakeholders, managers, or auditors who need visibility without modification rights.
Global Communication
The Global Communication role is designed for team members responsible for incident communication:
- View all monitors and status pages
- Create and update incidents across all groups
- Post status updates and scheduled maintenance notices
- Send subscriber notifications
Cannot: Modify monitor configurations, manage team members, or access billing.
Best for: Customer support leads, communications managers, or on-call responders focused on incident updates.
Member (Group Access)
Members have no default organization-wide permissions. Instead, their access is determined entirely by group-level permissions you assign:
- Access only the groups they are explicitly assigned to
- Permissions within each group are configurable (View, Editor, or Communication)
- Cannot see monitors or status pages in unassigned groups
Best for: Team members who should only access specific projects or departments.
Group-Level Permissions
For users with the Member role (or to further customize access), you can assign specific permissions at the group level:
View
Users with View permission on a group can:
- See all monitors within the group
- View status pages associated with the group
- Access uptime reports and incident history
- See alert configurations
Editor
Users with Editor permission on a group can do everything a Viewer can, plus:
- Create, modify, and delete monitors
- Edit status page configurations
- Manage alert rules for the group
- Configure integrations specific to the group
Communication
Users with Communication permission on a group can:
- View all resources within the group
- Create and manage incidents for the group
- Post status updates to the group’s status pages
- Send notifications to subscribers
Note: Communication permission does not include editing monitors or status page settings.
How to Invite Team Members
To add a new collaborator to your StatusDrift account:
- Navigate to Collaborators in the main menu
- Click Invite Collaborator
- Enter the team member’s email address
- Select their organization-level role from the dropdown
- If you selected Member (Group Access), assign specific group permissions
- Click Send Invitation
The invited user will receive an email with instructions to join your organization.
Modifying Permissions
To change an existing team member’s role or permissions:
- Go to Collaborators
- Find the team member in the list
- Click the Edit button next to their name
- Modify their role or group permissions as needed
- Save your changes
Permission Inheritance
Understanding how permissions cascade is important for proper access control:
- Admin permissions override all group-level settings
- Global roles (Editor, Viewer, Communication) apply to all groups automatically
- Member role users only see groups where they have explicit permissions
- Higher permissions always take precedence (Editor overrides Viewer within the same group)
SAML Group Mappings
If you use SAML SSO, you can automatically assign roles based on identity provider group memberships. See Configuring SAML/SSO Integration for details on setting up group mappings.
Best Practices
- Principle of least privilege: Start with minimal permissions and expand as needed
- Use groups effectively: Organize monitors by team or project to simplify permission management
- Regular audits: Periodically review team member access to ensure it matches current responsibilities
- Document role assignments: Keep records of who has access to what and why
- Leverage SAML mappings: Automate role assignment through your identity provider when possible
For questions about role configuration or permission management, contact our support team at [email protected].