Skip to main content
Control who has access to your Boosterberg account and manage Facebook permissions securely.

Facebook permissions

Required permissions

Boosterberg requires these Facebook permissions to function:
PermissionPurposeRequired
Manage PagesView and manage your pages✅ Yes
Manage AdsCreate promoted posts✅ Yes
Read InsightsAccess analytics data✅ Yes
Create AdsPromote posts through Meta’s Marketing API✅ Yes
Denying any required permission will prevent Boosterberg from functioning properly.

Optional permissions

These permissions enhance functionality but aren’t required:
PermissionPurposeRequired
Manage CommentsRespond to comments on promoted posts❌ No
Access MessagesView message metrics❌ No

Reviewing permissions

Check what permissions Boosterberg has:
  1. Go to Facebook Settings > Business Integrations
  2. Find Boosterberg in the list
  3. Click View and Edit to see granted permissions

Revoking permissions

To revoke specific permissions:
1

Go to Facebook settings

Navigate to Settings > Business Integrations on Facebook.
2

Find Boosterberg

Locate Boosterberg in your connected apps list.
3

Edit or remove

Click Remove to disconnect completely, or View and Edit to modify specific permissions.
Removing required permissions will break Boosterberg functionality.

Two-factor authentication

Facebook 2FA

Enable two-factor authentication on your Facebook account for enhanced security:
  1. Go to Facebook Settings > Security and Login
  2. Enable Two-Factor Authentication
  3. Choose authentication method (SMS, authenticator app, or security key)
Boosterberg works seamlessly with Facebook 2FA. You’ll only need to authenticate when connecting or reconnecting your account.

Boosterberg 2FA

Enable two-factor authentication for your Boosterberg account:
  1. Go to Settings > Security
  2. Click Enable Two-Factor Authentication
  3. Scan QR code with your authenticator app
  4. Enter verification code to confirm
Use the same authenticator app for both Facebook and Boosterberg for easier management.

Team access control

User roles

Assign team members different access levels:

Admin

  • Full access to all features
  • Manage billing and payments
  • Add/remove team members
  • Connect/disconnect Facebook accounts
  • Delete campaigns and data

Manager

  • Create and edit campaigns
  • View all analytics
  • Manage page settings
  • Cannot access billing or team settings

Analyst

  • View-only access to analytics
  • Export reports
  • Cannot create or edit campaigns

Viewer

  • View campaigns and basic metrics
  • No editing capabilities
  • Limited report access

Adding team members

1

Navigate to team settings

Go to Settings > Team Members.
2

Click Add Member

Enter the team member’s email address.
3

Assign role

Choose the appropriate role based on their responsibilities.
4

Select page access

Choose which pages they can access (optional - restrict to specific pages).
5

Send invitation

Click Send Invite. They’ll receive an email to join.

Managing team members

Change roles

  1. Go to Settings > Team Members
  2. Click on a team member
  3. Select new role and click Update

Remove access

  1. Go to Settings > Team Members
  2. Click Remove next to the team member
  3. Confirm removal
Removed team members immediately lose access to all campaigns and data.

Page-specific access

Restrict team members to specific pages: 
Example:
- User A: Access to "Brand X" page only
- User B: Access to "Brand Y" page only
- User C (Admin): Access to all pages
This is useful when managing multiple clients or brands.

API access

Generating API keys

For advanced integrations, generate API keys:
  1. Go to Settings > API
  2. Click Generate New Key
  3. Name the key and set permissions
  4. Copy and securely store the key
API keys provide programmatic access to your account. Keep them secure and never share them publicly.

API key permissions

Control what each API key can do:
  • Read-only: View campaigns and analytics
  • Campaign management: Create and edit campaigns
  • Full access: All operations including billing

Revoking API keys

Immediately revoke compromised keys:
  1. Go to Settings > API
  2. Find the key to revoke
  3. Click Revoke
Revoked keys stop working immediately.

Security best practices

  • Minimum 12 characters
  • Mix of letters, numbers, and symbols
  • Unique password for Boosterberg
  • Use a password manager
  • Enable on Facebook account
  • Enable on Boosterberg account
  • Use authenticator app (more secure than SMS)
  • Audit team members quarterly
  • Remove inactive users
  • Review Facebook permissions monthly
  • Check API key usage
  • Enable login notifications
  • Review activity logs
  • Set up spending alerts
  • Watch for unusual campaign activity

Activity logs

View all account activity:
  • Login attempts and locations
  • Campaign creations and modifications
  • Team member changes
  • Permission updates
  • API key usage
Access logs at Settings > Activity Log.

Compliance and data privacy

Data access

Boosterberg only accesses:
  • Page posts and public information
  • Ad account for creating campaigns
  • Analytics and insights data
Boosterberg does NOT access:
  • Personal Facebook profile data
  • Private messages
  • Friends lists
  • Personal photos or posts

Data retention

  • Campaign data: Retained indefinitely
  • Analytics data: Retained for 2 years
  • Deleted campaigns: Data removed after 30 days
  • Removed pages: Data removed after 90 days

GDPR compliance

Boosterberg is GDPR compliant:
  • Request your data export
  • Request account deletion
  • Manage consent preferences
Contact support for data requests.

Next steps

Manage your team

Add members and assign roles

Configure security

Set up advanced security options