Add a User to LogRocket | OpsBlu Docs

Add a User to LogRocket

How to invite team members and grant access to Logrocket. Covers role assignment, permission levels, API key generation, and onboarding best practices for.

Follow these steps to grant the collaborator access to your LogRocket organization and apps.

Prerequisites

  • Identify which LogRocket apps the collaborator should access (production, staging, development).
  • Determine the required organization role (Owner, Admin, Member).
  • Determine app-level roles for each app (Admin, Member, Viewer).
  • If SSO/SCIM is enabled, ensure the user is provisioned in your identity provider.
  • Confirm you have Organization Admin or Owner rights.

Invite the Collaborator

  1. Log into LogRocket and navigate to Settings → Organization → Team.
  2. Click Invite Team Member and enter the collaborator's email address.
  3. Choose the appropriate Organization Role:
    • Owner: Full control over organization, billing, and all apps. Reserve for client organization owners only.
    • Admin: Can invite users, create apps, manage integrations. Select if the collaborator will manage the LogRocket environment.
    • Member: Access to apps they're invited to, but cannot manage organization settings. Default for most collaborators.
  4. Click Send Invitation.
  5. Document the invitation details and request number in your IAM tracker.

Assign App-Level Permissions

After the collaborator accepts the invitation, assign app-level permissions:

  1. Navigate to Settings → Organization → Team.
  2. Find the collaborator in the team list.
  3. Click the Apps column to manage app access.
  4. For each app (production, staging, development):
    • Click Add to App if not already added.
    • Select the appropriate app role:
      • Admin: Full control over app settings, privacy, source maps, integrations. Grant for implementation or configuration work.
      • Member: View sessions, create filters, share sessions. Cannot modify app settings. Grant for support or analysis work.
      • Viewer: Read-only access to sessions and dashboards. Grant for limited visibility needs.
  5. Save changes for each app.
  6. Update your access log with app permissions granted.

After Inviting

  • Monitor the pending invitation until the collaborator accepts.
  • Share any MFA, VPN, or login policies with the collaborator.
  • Verify the collaborator can access the correct apps and has appropriate permissions.
  • Document which API keys (if any) the collaborator will need and create them if required.
  • Update your access log with the final access configuration.

API Key Creation (If Needed)

If the collaborator needs API access for source map uploads, integrations, or programmatic access:

  1. Navigate to Settings → API Keys.
  2. Click Create API Key.
  3. Name the key clearly (e.g., "Collaborator - Source Maps - Production").
  4. Set permissions (read-only or read/write).
  5. Copy the API key and securely share with the collaborator.
  6. Document the API key in your IAM tracker:
    • Key name
    • Created by/for
    • Purpose
    • Expiration date (if applicable)
    • Rotation schedule

Troubleshooting

  • Invitation not received: Check spam folder, allowlist @logrocket.com emails, and resend invitation.
  • SSO enforced: Ensure the user is mapped to a LogRocket role through your identity provider before logging in. The collaborator should use SSO login, not email invitation.
  • Cannot assign to app: Verify the collaborator accepted the organization invitation first. App access can only be assigned after they join the organization.
  • Need temporary access: Set a calendar reminder to remove or downgrade the account at the end of the engagement period.

Verification Checklist

  • Collaborator invitation sent and accepted
  • Organization role assigned (Owner, Admin, or Member)
  • App-level permissions configured for each relevant app
  • API keys created and documented (if needed)
  • Access logged in IAM tracker with request number
  • Collaborator confirmed they can access expected apps
  • Calendar reminder set for access review or removal (if temporary)

Example Access Configuration

Scenario: Collaborator implementing LogRocket across production and staging environments.

Organization Role: Admin (can create apps, manage integrations)

App Access:

  • Production App: Admin (configure privacy, upload source maps, manage integrations)
  • Staging App: Admin (configure and test before production deployment)
  • Development App: Not added (not in scope)

API Keys:

  • Production Source Maps: Read/Write
  • Staging Source Maps: Read/Write

Documentation:

  • IAM ticket: #1234
  • Access granted: 2024-01-15
  • Access review date: 2024-07-15 (6 months)
  • Created by: John Doe (Organization Owner)
Nach oben