search

user-tie-hairRole-Based Access & Tenant Controls

Fibr gives you control over who can access your workspace and what they can do. This page explains how roles work and how to manage your team securely.

hashtag
Understanding Roles

Fibr currently offers two permission levels:

Role
What They Can Do
What They Can't Do

Admin

Everything. Full access to all features, settings, and data.

No restrictions.

Member

Create and manage experiments, personalization campaigns, and view analytics.

Cannot invite/remove team members, access billing, or modify integrations.

Who gets which role?

  • The first person to create a workspace automatically becomes an Admin

  • Admins choose the role when inviting new teammates

  • You can change someone's role at any time from Settings → Team

hashtag
Best Practices for Access Management

  • Limit Admin access: Only give Admin access to people who genuinely need it: team leads, managers, or whoever handles billing and integrations. Most day-to-day users only need Member access.

  • Review access regularly: Check your team list quarterly. Remove anyone who's left the company or no longer needs access. Stale accounts are a security risk.

  • Remove access promptly when someone leaves: When a team member leaves your organization, remove their Fibr access immediately. Go to Settings → Team, find their name, and click Remove.

  • Use SSO for centralized control (Enterprise): If you're on an Enterprise plan, enable SSO. This lets you manage Fibr access through your identity provider, so access is automatically revoked when someone leaves your organization.

hashtag
Workspace Isolation

Each Fibr workspace is completely isolated:

  • Team members can only see data from their own workspace

  • Experiments and campaigns don't cross workspaces

  • Integrations are workspace-specific

If you manage multiple brands or clients, create separate workspaces for each one. This keeps data separate and lets you control access independently.

To create a new workspace: Contact [email protected]envelope. We'll help you set up additional workspaces based on your plan.

hashtag
Coming Soon

We're building more granular permissions for enterprise teams:

  • View-only access for stakeholders who need to see results but not edit campaigns

  • Project-level permissions to restrict access to specific experiments or campaigns

  • Custom roles to define exactly what each team member can do

Want early access or have specific requirements? Let us know at [email protected]envelope.

PreviousWhitelist Fibr in Your Content Security Policy (CSP)NextData Residency, Privacy & Trust

Last updated