Users and permissions

Manage access control for your containers.
If a team member who is the sole administrator of your Tag Manager account changes roles, you can get locked out of your account. Plan ahead for how account ownership will be handled if a member of your team change roles, and ensure that there are at least two active administrator accounts. Learn more.

Google Tag Manager allows you to delegate access to other users at the Account and Container level. Users can be granted the ability to view or administer other users at the Account level, and can be granted read, edit, approve, or publish rights at the Container level.

You may only delegate access to Google accounts. These might be Gmail accounts, accounts managed through organizations using G Suite, or other accounts created at accounts.google.com.

To add or modify users at the Account level:

  1. Click Admin.
  2. Under Account, select User Management.
  3. To add a new user:
    1. Click New.
    2. Enter the user's email address.
    3. Set Account Permissions ("User" or "Admin").
    4. Optional: Set Container Permissions for each container that you would like the user to have access to.
    5. Click Add.
  4. To edit an existing user:
    • Select their email address from the Account User Management listing.
    • Modify Account Permissions as necessary.
    • Modify Container Permissions as necessary.
    • Click Save to save your changes, Cancel to exit without making any changes, or Delete to remove the user.

To edit user permissions for a specific container:

  1. Click Admin.
  2. Under Container, select User Management.
  3. To add a new user:
    • Click New.
    • Enter the user's email address.
    • Set Container Permissions.
    • Click Add.
  4. To edit an existing user:
    • Select their email address from the Container User Management listing.
    • Change the user's email address as necessary.
    • Modify Container Permissions as necessary.
    • Click Save to save your changes, Cancel to exit without making any changes, or Delete to remove the user.

Account permissions

Account permissions at the account level can be set to either Admin or User. You may also fine-tune permissions for specific containers on the Container Permissions table.

Container permissions

Access can be assigned on a per-container basis. For a given container, a user may be assigned:

  • No access: The user will not see the container listed in the account.
  • Read: The user will see the container listed and may browse the tags, triggers, and variables in the container, but will not have the ability to make any changes.
  • Edit: The user has rights to create workspaces and make edits but not create versions or publish.
  • Approve: The user has rights to create versions, workspaces, and make edits but not publish.
  • Publish: The user has full rights to create versions, workspaces, make edits, and publish.
Was this article helpful?
How can we improve it?