Access Control

Proper access control is a crucial component of any observability solution. In Dash0, we've designed a flexible access control system that balances security with usability, ensuring your team can collaborate effectively while maintaining appropriate permission boundaries.

User Roles

Dash0 provides two primary user roles to manage access within your organization: Admin and Member. These roles determine what actions users can perform within the Dash0 platform.

You can invite users and modify their roles within your organization settings in the dialog under Members.

Organization settings screen showing members of the organization
Invite users and change their roles within the settings screen.

User Role Permission Comparison

PermissionAdminMember
View traces, logs, and metrics
Create and edit spam filters
Create, edit and share dashboards
Create and edit views
View check rules and failed checks
Edit check rules
Invite new users to the organization
Remove users from the organization
Change user roles
View endpoints
View and edit auth tokens
View datasets
Create and edit datasets
View notification channels
Create and edit notification channels
Modify billing information
View usage and billing data
Rename, change avatar and delete organization

Auth Tokens

Dash0 provides auth tokens that enable programmatic interaction with the platform. These tokens are essential to send data to Dash0 or to integrate Dash0 with other solutions and technologies, e.g., Grafana or Terraform.

Auth tokens are of the form auth_abc123... and you can manage them through your organization's settings.

The Dash0 organization settings screen showing the auth token dialog
Within the auth token settings you can manage your authentication tokens, and see whether they are still in use.

Key Features of Auth Tokens

  • Organization-level scope: Auth tokens operate at the organization level, allowing access to all permitted resources within that organization.
  • Configurable permissions: Administrators can create tokens with specific permission scopes.
  • Revocable access: Tokens can be immediately revoked if compromised or no longer needed.

Resource-Based Access Control

In addition to user roles, Dash0 implements granular access control at the resource level, particularly for user-created assets like dashboards.

Resource owners can assign the following permission levels to other users based on their roles:

  • No access: As the same implies.
  • View: Users can view the resource but cannot modify it.
  • Edit: Users can both view and modify the resource, including the ability to delete it and manage access permissions.
The dashboard settings are accessible through a side-bar
Modify access granted to dashboards via the dashboard's settings panel.

Last updated: May 4, 2025