Team & Account Management
Everything about managing your team, seats, and account settings. Covers member roles, permissions, transferring ownership, single sign-on, and consolidating monitors under a shared workspace.
Inviting teammates
- Go to App → Settings → Team
- Enter the email address of the person you want to invite
- They'll receive an invite email with a link to join your workspace
Invites expire after 7 days. Resend from the same settings page if needed.
Seat limits by plan
| Plan | Seats |
|---|---|
| Free | 1 |
| Starter | 2 |
| Pro | 5 |
| Business | Unlimited |
A seat is consumed the moment an invite is accepted. Pending invites do not use a seat.
Roles
| Role | What they can do |
|---|---|
| Owner | Full access — billing, settings, deleting the team |
| Admin | Everything except billing and transferring ownership |
| Member | View and manage monitors and logs |
Change a member's role from App → Settings → Team → Edit role.
Transferring ownership
Only the current Owner can transfer ownership to another team member:
- Go to App → Settings → Team
- Click the three-dot menu next to the member
- Select Transfer ownership
After transfer, your role becomes Admin. You can only transfer to a member who has already accepted their invite.
Removing a member
Go to App → Settings → Team → Remove. Removing a member immediately revokes their access. Their API keys associated with your team are also revoked.
Single Sign-On (SSO)
SSO is available on the Business plan.
Who can configure SSO: only the workspace owner. Admins and members cannot create or edit the SSO configuration, manage verified domains, or run the SSO test flow — those actions return an error if you are not the owner. (Owners and admins can view the current SSO configuration.)
Where to configure: open /app/<workspace-id>/sso in the app (for example from Settings → Team → Configure SSO when you are the owner), or navigate to the SSO page from your workspace URL.
DiffHook supports SAML 2.0 with any identity provider (Okta, Azure AD, Google Workspace, etc.). Once SSO is enabled, team members must authenticate via your IdP. You can optionally enforce SSO and prevent password-based login.
Contact support@diffhook.com to request an SSO setup walkthrough.
Changing your email or password
Go to App → Settings → Account to update your email address or password.
Changing your email sends a confirmation link to the new address. Your old email remains active until the new one is confirmed.
If you signed up via Google OAuth, you won't have a password. To add one, use Forgot password from the login page.
Two-factor authentication (2FA)
Enable 2FA from App → Settings → Account → Security. DiffHook supports authenticator apps (TOTP). Recovery codes are shown once at setup — store them somewhere safe.
If you lose access to your authenticator, use a recovery code or contact support@diffhook.com with proof of account ownership.
Passkeys
DiffHook supports passkeys (WebAuthn / FIDO2) as a password-free login method. Register a passkey from App → Settings → Account → Security → Passkeys. Passkeys are tied to your device or password manager and are phishing-resistant by design.
You can register multiple passkeys (e.g. laptop + phone) and remove individual ones at any time.
Deleting your account
To delete your personal account, go to App → Settings → Account → Delete account. This removes your profile and all personal data.
Owned teams: If you are the Owner of a team, you must transfer ownership or delete the team before you can delete your account.
Archiving a team
Go to App → Settings → Danger zone → Archive team. Archiving a team permanently and immediately deletes all data — monitors, logs, snapshots, API keys, and member access. This action cannot be undone and there is no recovery window.