Collaborate with multiple users on your experiments and manage access to your Optimize configuration and reporting data. Use this article to create and manage the roles and permissions of your Optimize users.
In this article:User manager
The Optimize user manager allows you to add, modify, and delete users and change their role.
To manage roles and permissions in Optimize:
- Navigate to your Accounts page.
- Click the Edit permissions button [
] in the header of the account to open Account permissions.
- Select the user you want to edit, or click the Add button [
] to add users or user groups.
] in the header of the account to open Account permissions.Add a user
To add a user to your Optimize account:
- In Account permissions, click the Add button [
- Enter the email address.
- Select the permissions you want to grant.
- Click Invite when complete.
Note: When you add a new User to an Optimize account, they get “Read” access to the containers within the account by default. When you add an Administrator to Optimize, they get “Publish” access to the containers within the account by default. You can edit these permissions at any time.
Edit a user's permissions
You can edit a user’s account and container permissions.
To edit a user's permissions:
- Select the user you want to edit.
- Select the permissions you want to grant.
- Click Save when complete.
You can delete a user by clicking Remove at the top of the panel.
User roles
Optimize permissions are assigned and managed at the account and container level. The following roles are available at each level.
Account–level permissions
The following roles are available at the account level:
- User – Can view other users.
- Admin – Can view and manage users. Can create and view containers.
This table breaks down which features are available to which role at the account level:
| Users | Containers | |||||||
|---|---|---|---|---|---|---|---|---|
| Account | View | Manage | Create | View | Edit | Publish | Delete | Settings |
| User | Yes | - | - | - | - | - | - | - |
| Admin | Yes | Yes | Yes | Yes | - | - | - | - |
Container–level permissions
The following roles are available at the container level:
- No access – Can’t view containers or experiments.
- Read – Can view containers and experiments.
- Edit – Can view and edit containers and experiments. Cannot start experiments or change property linking.
- Publish – Can view, edit, and delete containers, experiments and property linking. Can start experiments.
Roles and features
This table breaks down which features are available to which role at the container level:
| Containers | ||||||
|---|---|---|---|---|---|---|
| Container | Create | View | Edit | Publish | Delete | Linking |
| No access | - | - | - | - | - | - |
| Read | - | Yes | - | - | - | - |
| Edit | - | Yes | Yes | - | - | - |
| Publish | - | Yes | Yes | Yes | Yes | Yes |
Advanced roles and features
Additional features are available at the container permission level which are described in the following table:
| Containers | Previews | Experiments | |||||
| Container | View | Linking | Share | View | Start/Stop | Edit | Archive |
| No access | - | - | - | Yes | - | - | - |
| Read | Yes | - | - | - | - | - | - |
| Edit | Yes | - | Yes | Yes | - | Yes | Yes |
| Publish | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
GMP user management for organization-linked accounts
Google Marketing Platform (GMP) includes a centralized user management system for Google Analytics, Tag Manager, and Optimize accounts.
Organization user managers
GMP organization user managers cannot grant any permissions – unless they also happen to be Optimize account admins. However, an organization user manager can revoke permissions for any user from an Optimize account.
User Groups
You can assign user group permissions for an organization and for individual product accounts within the organization. Members of a group inherit that group's permissions.
Sensitive Optimize permissions
Certain Optimize permissions are considered sensitive and can't be granted via GMP user groups. Only Optimize account admins can grant sensitive permissions, which include:
Account–level permissions
-
Admin
Container–level permissions
-
Edit
-
Publish
Note: This is different than Google Tag Manager's (GTM) set of sensitive permissions.
Learn more about managing user groups in the Google Marketing Platform help center.
Permission denied errors
The most common causes for the "Permission Denied" error in Optimize is insufficient permissions to the Optimize container or to the linked Analytics property.
Permission errors in Optimize reporting
Universal Analytics
You need the Viewer role (or higher) for the Google Analytics view to view the Optimize Reporting tab.
Google Analytics 4
You need the Viewer role (or higher) for the Google Analytics property in order to view the Optimize Reporting tab.
Permission errors performing other actions
Users can check their permissions to both the account and containers within it via the steps in the Edit a user section above. See the User roles section for a description of each role and its associated permissions.
If the user appears to have all the correct permissions above and still gets Permission Denied errors, note exactly where these errors occur and contact us with as many details as possible.
Related video
Quick Tips: Managing Users and Permissions
Related resources
- Google Marketing Platform (GMP)
- User groups – Google Marketing Platform support site
- User permissions – Analytics support site
- User and permissions – Tag Manager support site