> ## Documentation Index
> Fetch the complete documentation index at: https://boosterberg.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Permissions & access

> Manage security, permissions, and team access for your Facebook and Instagram integration

Control who has access to your Boosterberg account and manage Facebook permissions securely.

## Facebook permissions

### Required permissions

Boosterberg requires these Facebook permissions to function:

| Permission        | Purpose                                    | Required |
| ----------------- | ------------------------------------------ | -------- |
| **Manage Pages**  | View and manage your pages                 | ✅ Yes    |
| **Manage Ads**    | Create promoted posts                      | ✅ Yes    |
| **Read Insights** | Access analytics data                      | ✅ Yes    |
| **Create Ads**    | Promote posts through Meta's Marketing API | ✅ Yes    |

<Warning>
  Denying any required permission will prevent Boosterberg from functioning properly.
</Warning>

### Optional permissions

These permissions enhance functionality but aren't required:

| Permission          | Purpose                               | Required |
| ------------------- | ------------------------------------- | -------- |
| **Manage Comments** | Respond to comments on promoted posts | ❌ No     |
| **Access Messages** | View message metrics                  | ❌ No     |

### Reviewing permissions

Check what permissions Boosterberg has:

1. Go to Facebook **Settings** > **Business Integrations**
2. Find Boosterberg in the list
3. Click **View and Edit** to see granted permissions

### Revoking permissions

To revoke specific permissions:

<Steps>
  <Step title="Go to Facebook settings">
    Navigate to **Settings** > **Business Integrations** on Facebook.
  </Step>

  <Step title="Find Boosterberg">
    Locate Boosterberg in your connected apps list.
  </Step>

  <Step title="Edit or remove">
    Click **Remove** to disconnect completely, or **View and Edit** to modify specific permissions.

    <Warning>
      Removing required permissions will break Boosterberg functionality.
    </Warning>
  </Step>
</Steps>

## Two-factor authentication

### Facebook 2FA

Enable two-factor authentication on your Facebook account for enhanced security:

1. Go to Facebook **Settings** > **Security and Login**
2. Enable **Two-Factor Authentication**
3. Choose authentication method (SMS, authenticator app, or security key)

<Note>
  Boosterberg works seamlessly with Facebook 2FA. You'll only need to authenticate when connecting or reconnecting your account.
</Note>

### Boosterberg 2FA

Enable two-factor authentication for your Boosterberg account:

1. Go to **Settings** > **Security**
2. Click **Enable Two-Factor Authentication**
3. Scan QR code with your authenticator app
4. Enter verification code to confirm

<Tip>
  Use the same authenticator app for both Facebook and Boosterberg for easier management.
</Tip>

## Team access control

### User roles

Assign team members different access levels:

#### Admin

* Full access to all features
* Manage billing and payments
* Add/remove team members
* Connect/disconnect Facebook accounts
* Delete campaigns and data

#### Manager

* Create and edit campaigns
* View all analytics
* Manage page settings
* Cannot access billing or team settings

#### Analyst

* View-only access to analytics
* Export reports
* Cannot create or edit campaigns

#### Viewer

* View campaigns and basic metrics
* No editing capabilities
* Limited report access

### Adding team members

<Steps>
  <Step title="Navigate to team settings">
    Go to **Settings** > **Team Members**.
  </Step>

  <Step title="Click Add Member">
    Enter the team member's email address.
  </Step>

  <Step title="Assign role">
    Choose the appropriate role based on their responsibilities.
  </Step>

  <Step title="Select page access">
    Choose which pages they can access (optional - restrict to specific pages).
  </Step>

  <Step title="Send invitation">
    Click **Send Invite**. They'll receive an email to join.
  </Step>
</Steps>

### Managing team members

#### Change roles

1. Go to **Settings** > **Team Members**
2. Click on a team member
3. Select new role and click **Update**

#### Remove access

1. Go to **Settings** > **Team Members**
2. Click **Remove** next to the team member
3. Confirm removal

<Warning>
  Removed team members immediately lose access to all campaigns and data.
</Warning>

### Page-specific access

Restrict team members to specific pages:

```
Example:
- User A: Access to "Brand X" page only
- User B: Access to "Brand Y" page only
- User C (Admin): Access to all pages
```

This is useful when managing multiple clients or brands.

## API access

### Generating API keys

For advanced integrations, generate API keys:

1. Go to **Settings** > **API**
2. Click **Generate New Key**
3. Name the key and set permissions
4. Copy and securely store the key

<Warning>
  API keys provide programmatic access to your account. Keep them secure and never share them publicly.
</Warning>

### API key permissions

Control what each API key can do:

* **Read-only**: View campaigns and analytics
* **Campaign management**: Create and edit campaigns
* **Full access**: All operations including billing

### Revoking API keys

Immediately revoke compromised keys:

1. Go to **Settings** > **API**
2. Find the key to revoke
3. Click **Revoke**

Revoked keys stop working immediately.

## Security best practices

<AccordionGroup>
  <Accordion title="Use strong passwords">
    * Minimum 12 characters
    * Mix of letters, numbers, and symbols
    * Unique password for Boosterberg
    * Use a password manager
  </Accordion>

  <Accordion title="Enable 2FA everywhere">
    * Enable on Facebook account
    * Enable on Boosterberg account
    * Use authenticator app (more secure than SMS)
  </Accordion>

  <Accordion title="Review access regularly">
    * Audit team members quarterly
    * Remove inactive users
    * Review Facebook permissions monthly
    * Check API key usage
  </Accordion>

  <Accordion title="Monitor account activity">
    * Enable login notifications
    * Review activity logs
    * Set up spending alerts
    * Watch for unusual campaign activity
  </Accordion>
</AccordionGroup>

## Activity logs

View all account activity:

* Login attempts and locations
* Campaign creations and modifications
* Team member changes
* Permission updates
* API key usage

Access logs at **Settings** > **Activity Log**.

## Compliance and data privacy

### Data access

Boosterberg only accesses:

* Page posts and public information
* Ad account for creating campaigns
* Analytics and insights data

Boosterberg does NOT access:

* Personal Facebook profile data
* Private messages
* Friends lists
* Personal photos or posts

### Data retention

* Campaign data: Retained indefinitely
* Analytics data: Retained for 2 years
* Deleted campaigns: Data removed after 30 days
* Removed pages: Data removed after 90 days

### GDPR compliance

Boosterberg is GDPR compliant:

* Request your data export
* Request account deletion
* Manage consent preferences

Contact support for data requests.

## Next steps

<CardGroup cols={2}>
  <Card title="Manage your team" icon="users" href="/account/team-members">
    Add members and assign roles
  </Card>

  <Card title="Configure security" icon="shield-check" href="/account/security">
    Set up advanced security options
  </Card>
</CardGroup>