Governance

Team and access management

Team and access management controls who can configure the platform, who can participate in response, and which teams own services.

Audience: Owners, admins, engineering managers

Organization roles

Owner: full organization control, including owner grants and critical access management.
Admin: can manage operational configuration such as monitors, services, routing, alerting, API keys, and teams.
Member: can view operational data and participate in incident response.
Owners can add explicit allow or deny permission overrides for product areas such as reports, integrations, routing, API keys, and incidents.
Only owners can manage owner access.
The system protects against removing or demoting the last owner.

Invitations

Invite users by email and role from Team & access.
Existing users can be added directly to the organization.
Unknown users receive pending invitation records that are accepted when they sign up or sign in.
Pending invitations can be revoked.

Service teams

Create teams from the Services page.
Assign users to service teams as lead or member.
Use owner teams on services to show responsibility during incidents.
Team membership changes are audit logged.

Related documentation

Audit log

Review access, configuration, API key, incident, review, and team-management events.

Services and SLOs

Model owned services, link monitors, define dependencies, and track service-level objectives.

Trust and security

Understand RBAC, audit logs, key handling, private routes, operational records, and enterprise readiness controls.