The problem with shared accounts
Most analytics tools are single-seat or charge per user like it's 2014. Teams end up sharing a login — the CEO has the password, the PM, the CS lead, the intern. Someone deletes a flow by accident. Someone else exports the event stream to a spreadsheet and leaks it. Nobody knows who changed the AI diagnosis prompt. The tool becomes a coordination problem instead of a collaboration tool.
How it works
Open Team Members
Go to Settings → Team Members. You'll see everyone currently on the project with their role and an invite form.
Invite by email
Enter their email and pick a role. Onboardics sends a branded invitation email via Resend with a link to join.
They sign in
They click the link, sign in with Google or magic link, and they're on the project at the role you chose. No approval step.
Change roles anytime
Promote, demote, or remove. Role changes take effect on their next page load. The audit log records who did what.
The four-role model
Four tiers of access, each a strict superset of the one below. Designed so the common roles in a product org map to the right permissions without custom configuration.
| Role | Read data | Edit flows & metrics | Run AI diagnosis | Invite teammates | Change billing | Delete project |
|---|---|---|---|---|---|---|
| Owner | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Admin | ✓ | ✓ | ✓ | ✓ | — | — |
| Editor | ✓ | ✓ | ✓ | — | — | — |
| Viewer | ✓ | — | — | — | — | — |
Which role for which teammate?
- Owner: the founder or team lead who owns billing and can delete the project. Usually one person.
- Admin: product managers or team leads who run the operating cadence — invite new teammates, tune AI diagnosis prompts, configure metrics, manage flows.
- Editor: product designers, growth marketers, or ICs who create and ship flows, run A/B tests, and generate AI diagnoses but don't manage the team itself.
- Viewer: customer success, executives, investors, and contractors who need to see dashboards but must not edit anything. Read-only guarantees.
How many teammates per plan
If you hit your plan limit, the invite form shows an upgrade prompt instead of silently failing.
Security you can explain to legal
- Every authenticated API endpoint verifies the user's role before returning data or making changes. Role checks happen server-side on every request — not once at login.
- Role hierarchy is enforced in a single shared helper (
api/lib/require-project-role.js). Adding a new endpoint cannot skip it — a build-time check fails the deploy if it does. - Demoting a teammate takes effect on their next page load. Removing them is instant.
- Owners cannot accidentally remove themselves while they're the only owner. Delete-project requires confirmation.
- All member changes are logged with the actor's email for audit.
How this is different
Pendo charges per seat. Appcues charges per MAU and per seat. Userpilot caps Growth at 3 seats on a $349/mo starter plan. Onboardics caps Growth at 3 seats on $199/mo, Scale at 10 seats on $399/mo, and Business at unlimited on $799/mo — and the role model is the same across every tier. You don't pay more to give someone the right permissions.
Pricing
Team collaboration is available on every plan, including Free. Free and Starter are single-seat (owner only). Growth adds up to 3 members, Scale up to 10, and Business is unlimited.