Documentation

We are here to help you get from zero to one fast.

Get Started    Discussions

Team Management

reading time 5 minutes

Access Levels

Doppler offers 3 levels of access: owner, admin, and member.

Access Level
Description

Owner

Has access to everything in your Doppler workplace.

Admin

Has access to all of Enclave and Radar, but does not have access to the Team, Settings, and Billing dashboards.

Member

Does not have access to Enclave projects initially. An owner or admin must add them to each Enclave project manually. Learn more

Here is a detailed breakdown of the access levels with the individual permissions.

Core

Owner
Admin
Member

Activity Logs

Read

Read

Team

Invite
Roll API Key
Remove

Billing

Write

Settings

Write

Enclave

Owner
Admin
Member

Projects

Read
Create
Rename
Delete

Read
Create
Rename
Delete

Invite Required

Project Tools

Webhooks
Member Access

Webhooks
Member Access

Configs

Read
Create
Rename
Duplicate
Delete

Read
Create
Rename
Duplicate
Delete

Read

Config Logs

Read
Rollbacks

Read
Rollbacks

Read
Rollbacks

Radar

Owner
Admin
Member

Repositories

Read

Read

Read

Repository Tools

Ignore Secrets

Ignore Secrets

Ignore Secrets

Adding Users

Doppler offers 3 ways to add users to your workplace: manual invites, email single-sign-on, and saml single-sign-on. Let's go over how and when to use each method.

Manual Invites

When you need to add individual users that may not be in your identity provider or google domain, adding them manually to Doppler is an easy way to get them on the workplace.

To add a user, go to the team dashboard.

Then click Invite User, which will present a modal asking for the users work email and access level.

Email Single Sign-On

Google Email SSO is a great way to quickly set up your workplace to onboard your entire company. To setup SSO head over the the Email Single Sign-On section on the team page. Then add the domain(s) a user needs to have to be automatically added to the workplace on registration. You will also need to select the default access level a user will receive when joining your workplace.

SAML Single Sign-On

Similarly to Email SSO, when SAML SSO is set up your team will be able to join the workplace using the SSO login flow. To set up single sign-on, head over to the SAML Single Sign-On section on the team page. We also have a great guide to help get you started.

You will need to fill in 3 fields to setup single sign-on: identity provider xml, email domain, and the default access level. Once those are saved you should see a SSO URL which will login or register your users.

Removing Users

Removing a user from Doppler is simple. Once you find the user you would like to remove, click the Remove button. A confirmation modal will appear. After confirming, the user will be immediately removed from the workplace, and all their Doppler API Keys and CLI Tokens will be revoked.

Updated 3 days ago



Team Management


reading time 5 minutes

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.