Skip to main content
MoonKey provides role-based access control to help you manage your team securely. By assigning appropriate roles to team members, you can ensure that each person has the right level of access for their responsibilities while maintaining security over sensitive operations.

Available roles

MoonKey supports three distinct roles, each designed for different team responsibilities:
RoleAccess TypeBest For
AdminFull accessTeam owners, technical leads, and senior engineers who manage the account
DeveloperBuild & deployEngineers who integrate MoonKey and configure authentication settings
ViewerRead-onlyProduct managers, support staff, and stakeholders who need visibility only

Role permissions

Admin

Admins have complete control over your MoonKey account and all associated applications. Full dashboard access:
  • Create, configure, and delete applications
  • Manage all authentication settings and configurations
  • View user data and analytics
  • Configure API keys and webhooks
Team management:
  • Invite new team members
  • Change team member roles
  • Remove team members from the account
Account administration:
  • Manage billing and subscription settings
  • Update payment methods
  • Access account-level settings
Security operations:
  • Generate and revoke API secrets
  • Rotate webhook signing keys
  • Delete applications and sensitive data
  • Configure security policies

Developer

Developers can build and configure applications but cannot manage team settings or billing. Application management:
  • Create new applications
  • Configure authentication methods (OAuth, email, wallets)
  • Set up redirect URLs
  • Customize email templates
  • Configure SDK settings
  • View and manage users
  • Access API keys (view only for secrets)
What Developers cannot do:
  • Invite or manage team members
  • Change billing or payment information
  • Delete applications
  • Rotate or revoke API secrets
  • Access account-level administrative settings
The Developer role is ideal for engineers who need to integrate MoonKey into your applications without requiring access to sensitive account management functions.

Viewer

Viewers have read-only access to monitor applications and view data without making changes. Read-only permissions:
  • View all application configurations
  • See authentication settings
  • Access user data and analytics
  • View API documentation and keys (secrets are hidden)
What Viewers cannot do:
  • Create, edit, or delete any configurations
  • Modify authentication settings
  • Invite or manage team members
  • Change billing information
  • Access API secrets
Viewer access is perfect for stakeholders, customer support teams, or external consultants who need visibility into your MoonKey setup without editing capabilities.

Managing your team

Only Admin users can manage team membership and roles.

Adding team members

To invite someone to your MoonKey account:
  1. Navigate to the Team section in your dashboard
  2. Click Invite Team Member
  3. Enter their email address
  4. Select the appropriate role (Admin, Developer, or Viewer)
  5. Click Send Invite
The invited person will receive an email with instructions to accept the invitation and access your MoonKey account.

Updating roles

You can change a team member’s role at any time:
  1. Go to the Team section
  2. Find the team member whose role you want to change
  3. Click on their current role
  4. Select the new role from the dropdown
  5. Confirm the change
Role changes take effect immediately. Be cautious when upgrading someone to Admin or downgrading from Admin, as this affects their access to sensitive operations.

Removing team members

To remove someone from your account:
  1. Navigate to the Team section
  2. Find the team member you want to remove
  3. Click the Remove button next to their name
  4. Confirm the removal
Once removed, the team member immediately loses all access to your MoonKey dashboard and applications.

Security best practices

Follow the principle of least privilege

Grant team members the minimum access level needed for their work. Start with Viewer or Developer access and only promote to Admin when necessary. Common role assignments:
  • Frontend engineers: Developer role to configure SDK and authentication
  • Backend engineers: Developer role to manage API integrations
  • Engineering managers: Admin role for full account control
  • Product managers: Viewer role to monitor usage and configurations
  • Customer support: Viewer role to check user data when troubleshooting

Regular access audits

Periodically review your team members and their assigned roles:
  • Remove access for team members who have left your organization
  • Verify that current roles still match responsibilities
  • Downgrade roles when team members change positions
  • Check for unused or inactive accounts

Protect Admin access

  • Limit the number of Admin users to 2-3 trusted individuals
  • Use Admin accounts only for administrative tasks
  • Consider creating separate Developer accounts for day-to-day work
  • Enable two-factor authentication for all Admin users (if available)

Separation of environments

For maximum security, consider creating separate MoonKey apps for development, staging, and production environments, with different team access:
  • Development apps: Grant Developer access liberally for experimentation
  • Staging apps: Limit Developer access to engineers who deploy to staging
  • Production apps: Restrict Admin access to senior engineers and leads only
When onboarding new team members, start them with Viewer access for a few days. This allows them to familiarize themselves with your MoonKey setup before receiving editing permissions.

Frequently asked questions

Can I have multiple Admins? Yes, you can have as many Admin users as needed. However, we recommend limiting Admin access to key personnel who require full account control. What happens if all Admins leave the organization? Contact MoonKey support immediately if you lose access to all Admin accounts. We can help you regain administrative access after verifying your identity and ownership. Can I create custom roles with specific permissions? Currently, MoonKey supports the three standard roles (Admin, Developer, Viewer). If you need custom permission configurations, please contact our team to discuss your requirements. Do team members need separate MoonKey accounts? No, team members are invited to your organization’s MoonKey account. They’ll use their own email and credentials to log in, but they’ll access your shared applications and configurations. Are there limits on team size? No, you can have as many team members as required.