Team management

redirect.pizza has three roles for your team members; what are the differences?

Owner

An owner is the primary team manager. This role contains all permissions and can manage the full account.

Member

A member is someone that can be invited by the team's owner. The member will receive an email and can onboard from there.

A member can:

• Create/edit/view/import/export redirects
• Create/edit/view e-mail forwards
• View/edit hostnames
• Dive in analytics
• View the Team's API token
• Manage/edit/delete tags
• Manage the Automatic DNS settings

A member cannot:

• Manage Billing
• Change Team Settings (Team name / Default security settings)
• View the activity log
• Invite & delete other users
• Delete the team

A team always contains at least 1 owner and may have additional members. Contact support to convert existing members into additional owners, or if you want to change the owner of the team.

Read-only

A read-only user can be invited by a team owner and will receive an email to begin onboarding. This user has view-only access within the account and is unable to make any changes. They can view redirects, email forwards, hostnames, and analytics, but cannot create or update anything.

Read-only access is ideal for sharing analytical insights with specific users while preventing unwanted changes.

Billing

A billing user can be used to give your finance team access to your redirect.pizza billing settings like updating credit card details, plan size, as well as downloading receipts. A billing user cannot mutate anything in the account, and can only access the "Billing" tab.

Access control

Available from the Business plan and up.

On top of the three roles described above you can assign specific tags to users or restrict certain tags, ensuring precise and secure role assignment. By default your team members with the roles member & readonly will have full access, which means that they have access to all redirects. But if you have categorized your redirects by using tags, you have the ability to allow access to specific tags or disallow access to specific tags.

The redirects, hostnames, email forwards & analytics will be scoped to only give access to these specific tags, or in case of disallowed specific tags, everything except redirects that contain that tag.

Example 1: Specific access for the Marketing team

Imagine you're aiming to give your marketing team a focused environment. To do this, start by tagging all marketing-related redirects with 'Marketing'. Next, each member of the marketing team should be assigned the 'Marketing' tag in their user profiles. In the Access Control settings, you'll then define a rule: users with the 'Marketing' tag can only access redirects that are also tagged 'Marketing'. This setup ensures that your marketing team has exclusive access to the redirects relevant to their work, helping them stay focused and organized.

Example 2: General access with specific restrictions

In a scenario where you want to provide broad access to your team but need to restrict a particular category for privacy or security reasons, you would start by creating a unique tag, such as 'Restricted', for that category. In your Access Control settings, configure the system to allow all users access to everything except for the redirects tagged with 'Restricted'. This approach ensures that while your team enjoys wide-ranging access to most of the content, sensitive or private information remains secure and accessible only to authorized individuals.