DigitalOcean Teams

DigitalOcean teams let multiple users access and manage shared resources (like Droplets, DigitalOcean Load Balancers, and Spaces) without sharing login credentials or billing information.

Plans and Pricing

Teams are available at no cost.

Regional Availability

Teams are available to all DigitalOcean accounts and are not affected by regions.

Features

Teams are useful for project leaders and business owners who want to share control of server infrastructure with developers, financial administrators, and other collaborators.

You can create multiple teams and there is no limit to the number of members a team can have. Each team is billed separately and has its own payment information.

Roles

Team members can have one of three roles: owner, biller, or member. Roles determine a user’s level of access to a team’s shared resources, billing information, and settings.

Role Shared Resources Billing Information Team Settings
Owner View and modify View and modify View and modify
Biller View only View and modify No access
Member View and modify No access No access

Most team resources are shared, including:

However, personal access tokens for the API are unique to the members who generated them.

Additionally, some team emails are sent only to specific members:

  • Billing emails are sent to team owners and billers
  • Droplet password emails are sent to the member that created the related Droplet
  • Support ticket emails are sent to members who participated in the support ticket.

Secure Sign-In

Team owners can see the sign-in method for each team member. For additional security, owners can require secure sign-in via Google or GitHub OAuth or DigitalOcean two-factor authentication.

Increase team security by requiring all team members to sign in with Google OAuth, GitHub OAuth, or a DigitalOcean account with two-factor authentication.

Limits

  • Removing a member from a team removes their access to the control panel and API but does not remove their access to Droplets via SSH keys or other credentials. This is because DigitalOcean does not manage the contents of Droplets after creation. You must revoke credentials from multi-user Droplets independently.

  • Google OAuth and GitHub OAuth are accepted for secure sign-in, but we currently do not detect or enforce 2FA for these sign-in methods.