Identity & Access Management Overview

Access management lets workspace owners manage which users can access different parts of their Segment workspaces.

Access is scoped to a workspace. A Segment user is associated with one or more workspaces, either as an owner or member of each. Users access their Segment account with either email/password credentials, or by using Single Sign On.

Owners manage all aspects of the workspace, and members can have access to specific products and resource types.

  • Note: All Segment workspaces have access to the Workspace owner and Source admin roles. Additional roles are only available to Segment Business Tier accounts.
Source adminProtocols adminPersonas admin
Source read-onlyProtocols read-onlyPersonas user
Warehouse adminPersonas read-only
Warehouse read-only

Check out the Roles documentation for more details.

You can grant Source roles to specific resource instances (for example you could give a member Source admin access for the iOS Prod source only) or to all current and future instances. A user with access to all current and future instances can also create new instances.

The other roles apply to all resource instances within the product area (Warehouses, Tracking Plans, Personas Audiences/Traits). These roles will become more granular very soon.

Note: If you are on a Developer or Team plan, only the workspace owner and source admin roles are available.

Questions? Need help? Contact us!
Can we improve this doc?
Email us:!