User Roles

The permissions of users in Opsgenie are defined by User Roles. In other words, what a user can or cannot do in Opsgenie is decided according to the role of the user.

Default User Roles

Opsgenie provides 5 default roles that can be assigned to users:

  • Owner
  • Admin
  • Default User
  • Stakeholder
  • Observer

❗️

Observer role is only available for old plan customers who subscribed to Opsgenie before November 2, 2018.

The limit to the number of owners, admins and default users is defined according to the subscription plan and these roles are available to all accounts. On the other hand, stakeholder role is available only if the account is granted with Service-Aware Incident Management Overview and observer role is available only if the account is granted with Mass Notification.

User RightOwnerAdminDefault UserStakeholderObserver
Manage Subscription
Manage Roles
Manage All Users(1)
Access/Create/Edit/Delete All Configurations(2)
Display All On-Call Users
Access All Alerts
Delete Alerts
Manage Account Settings(3)
Access Reporting
Access Account Logs
Create Alerts
Perform Alert Actions
Manage Own Notification Rules
Manage Own Quiet Hours and Mute
Receive Alert Notifications
Update Service Status Page Entries
View Service Status Pages
Receive Stakeholder Notifications
Receive Mass Notifications
Manage Own Profile Settings
Manage Own Contacts

📘

(1) Including notification preferences, contacts, quiet hours and mute state
(2) Teams, Escalation, Schedules, Integrations, Policies, Maintenance, Heartbeats, Central Notification Templates
(3) Account Time Zone, Account Locale, Security Settings, Single Sign-On

Owner

Owners are the users that have the account ownership. Each account should have at least 1 owner and can have multiple owners. Owners are able to manage the account subscription settings and billing. Furthermore, Opsgenie sends subscription and payment related update e-mails to account owners.

Opsgenie assigns account ownership to the user that signs up for an Opsgenie account automatically. After then, only owners can manage assigning the owner role.

Admin

Admins are able to manage any kind of account setting, configuration, and users (except owners). However, admins can not manage account subscription settings. There is no limit to the number of admins that an account can have.

Default User

Default users can only access the configurations that they're part of, and they can only access the alerts that they're granted with visibility. In other words, default users can manage the settings that will only affect themselves.

Stakeholder

Stakeholders are only able to manage their own profile settings and contacts, and view the Service Status Pages. Stakeholders can be considered as read-only users and they can only receive stakeholder notifications for the incidents, and notifications for the mass notification events if the Mass Notification feature is enabled. Because they can't receive alert notifications, a stakeholder user cannot be a part of a team, an escalation or a schedule.

Observer

❗️

Observer role is only available for old plan customers who subscribed to Opsgenie before November 2, 2018.

Observers are only able to manage their own profile settings and contacts. Observers can be considered as read-only users and they can receive notifications only for the mass notification events. Because they can't receive alert notifications, an observer user can not be a part of a team, an escalation or a schedule. To learn more about the pricing and the limitations of observers, please contact us.

Custom User Roles

You can customize the capabilities of the users in Opsgenie by granting or disgranting the user rights of your choice using Custom User Roles. Please note: that custom user roles are only available for Enterprise Plan.

The following table shows the user rights that can be customized via custom roles:

User RightDescription
Read Only Admin RightRead-only access to all configurations and settings that an Admin can access.
Edit ConfigurationAbility to access and edit all configurations and settings that Admins are capable of (except maintenance and managing roles).
Delete ConfigurationAbility to delete all configurations and settings (except custom user roles and maintenance).
Access to Logs PageAbility to access account logs via Logs Page.
Access to ReportsAbility to access Reports page.
Access to Service Status PageAbility to access Service Status Pages (if Service-Aware Incident Management is available).
Create IncidentAbility to create a new incident (if Service-Aware Incident Management is available).
Create Mass NotificationAbility to create a new mass notification (if Mass Notification is available).
Edit ContactsAbility to add, edit and delete own contacts.
Edit Custom Profile Details and TagsAbility to edit profile tags and custom properties.
Edit Notification RulesAbility to add, edit and delete own notification rules.
Edit ProfileAbility to edit own time zone, locale, username, etc.
Edit Quiet HoursAbility to edit quiet hours settings.
Manage BillingAbility to manage subscription settings of the account.
See All AlertsAbility to see all alerts, even if the user were not notified or granted with visibility.
Update MaintenanceAbility to update the already created/planned Maintenance Policies
Who Is On-Call - Show AllAbility to display on-call users of all schedules, even if the user is not a part of them.
Create AlertAbility to create a new alert.
Acknowledge AlertAbility to acknowledge an alert that is visible to the user.
Close AlertAbility to close an alert that is visible to the user.
Add Note to AlertAbility to add note to an alert that is visible to the user.
Delete AlertAbility to delete an alert that is visible to the user.
Attach to AlertAbility to add a file as an attachment to an alert that is visible to the user.
Delete Attachment from AlertAbility to delete an attachment from an alert that is visible to the user.
UnAcknowledge AlertAbility to unacknowledge an alert that is visible to the user.
SnoozeAbility to snooze an alert that is visible to the user.
Escalate to NextAbility to escalate an alert that is visible to the user to next level.
Take OwnershipAbility to take ownership of an alert that is visible to the user.
AssignAbility to assign an alert that is visible to the user to another user.
Add RecipientAbility to add a new recipient to an alert that is visible to the user.
Add TeamAbility to add a new team to an alert that is visible to the user.
Edit TagsAbility to add a new tag to or to remove an existing tag from an alert that is visible to the user.
Edit DetailsAbility to add a new detail to or remove an existing detail from an alert that is visible to the user.
Execute Custom ActionsAbility to execute custom actions on an alert that is visible to the user.
Acknowledge AllAbility to execute Acknowledge All action on the alerts that are visible to the user.
Close AllAbility to execute Close All action on the alerts that are visible to the user.
Add StakeholderAbility to add stakeholders when creating an incident (if Service-Aware Incident Management is available).
Add ResponderAbility to add responders when creating an incident (if IService-Aware Incident Management is available)
ResolveAbility to resolve an incident that is visible to the user (if Service-Aware Incident Management is available).
ReopenAbility to reopen an incident that is visible to the user (if Service-Aware Incident Management is available).

Creating New Custom User Roles

2030

When you switch to the Roles segment in the Users page, existing custom roles will be listed. To create a new custom role:

  1. Click the Add Role button in the top middle of the page.
1312
  1. If Stakeholder and/or Observer roles are available to your account, select a default role as the base role to extend. If not, the base role will automatically be assigned as Default User role.
  2. Write a name for the custom role into the Role name field.
  3. Tick the user rights that you want to grant the users with this role, and un-tick the user rights that you want to prevent the users with this role.
  4. Click the Add button to save the custom role.
1312

If you select Stakeholder role as the base role, only Access to Service Status Page, Edit Contacts and Edit Profile user rights will be available to customize.

1310

If you select Observer role as the base role, only Edit Contacts and Edit Profile user rights will be available to customize.

Editing or Deleting User Roles

When you mouse-over an existing custom role in the list, Delete and Edit actions will be available.

1368

Team Specific Roles

In addition to the user roles that are applied all across the account, there are also team specific roles that are applied only across the team that the user is assigned for. Team specific roles can grant a user with additional team-related user rights. There are two team specific roles:

  • Team Admin
  • Team Member
Team Related RightTeam AdminTeam Member
Add / Remove Team Members
Access and Manage All Team Members' Profiles
Create/Edit/Delete Routing Rules of the Team
Create/Edit/Delete Escalations for the Team
Create/Edit/Delete Schedules for the Team
Create/Edit/Delete Integrations for the Team
Access Team's Dashboard
Access Escalations, Schedules and Integrations of the Team
Access All Alerts of the Team

📘

When a team admin without global Edit Configuration user right creates a new escalation, schedule or integration, created configuration will automatically be assigned to the team that the user is admin for. You can refer to the Teams and Team Segmentation for further information about the teams and their configurations.