What are Merge's role-based access controls (RBAC)?
Last updated: March 13, 2026
Overview
Merge currently has four levels of permissions: Members, Supports, Developers, and Admins. Admins are able to modify permissions for other members of their organization via the Organization Page. In general, Admin means full access to all information, Developer means access to everything technical, Support means access only for features necessary for customer investigations, and Member means that API logs are hidden from that team member!
Modifying permissions
To adjust the permissions for team members in Merge, go to your Profile and find the Organizations tab. From there, select the white button with the team member of your choice! A drop-down menu will appear, allowing you to select the permission you would like to assign to the team member.
Permissions breakdown
Permission | Support | Member | Developer | Admin |
Generate a Magic Link | Y | Y | Y | |
Convert Test to Production Linked Accounts | Y | Y | Y | |
Force a Resync on Linked Accounts | Y | Y | Y | Y |
Delete Linked Accounts | Y | Y | Y | |
Update Organization Name | Y | Y | Y | |
Customize Merge Link | Y | Y | Y | |
Enable/Disable Integrations | Y | Y | Y | |
Enforce Organization-wide 2FA | Y | Y | ||
Send API Requests from API Tester | Y | Y | Y | |
Update User Roles | Y | Y | ||
Edit Scopes | Y | |||
Enable Remote Data | Y | |||
View and Create Field Mappings | Y | Y | Y | |
Create Merge Webhooks | Y | Y | ||
View Logs | Y | Y | Y | |
Invite New Users | Y | |||
Enable/Disable Unmapped Data Redaction | Y | |||
Create/Delete API Keys | Y | |||
Add/Modify New Payment Method | Y | |||
Setup Autopay | Y |