Visibility Settings
Control who can access your analytics dashboard through privacy settings, team management, public sharing, and API access.
Dashboard Visibility
Private (Default)
By default, your analytics dashboard is private and only accessible to:
- The site owner
- Team members you've invited
- Users with valid API keys
No one else can view your analytics data.
Public Dashboard
Make your analytics publicly accessible with a shareable link. Anyone with the link can view your stats in read-only mode.
What public viewers can see:
- Overview stats (visitors, pageviews, bounce rate)
- Top pages and entry/exit pages
- Traffic sources and UTM campaigns
- Geographic data (countries/regions)
- Device and browser statistics
- Custom events and goal conversions
What public viewers cannot see:
- Real-time visitor details
- Settings or configuration
- Team members
- Ability to export data
- API keys
Creating a Public Dashboard
- Go to Settings → Visibility
- Toggle Public Dashboard to enabled
- Copy the generated shareable URL
- Share the link with anyone
Example URL:
https://app.ovyxa.com/share/abc123xyz
Revoking Public Access
To make your dashboard private again:
- Go to Settings → Visibility
- Toggle Public Dashboard to disabled
- All existing public links are immediately invalidated
Team Members
Collaborate with your team by inviting members to access your analytics.
User Roles
Owner
- Full access to all features
- Can modify all settings
- Can delete the site
- Can transfer ownership
- Cannot be removed (must transfer ownership first)
Admin
- Full access to analytics data
- Can modify most settings
- Can invite/remove team members
- Cannot delete the site or transfer ownership
Viewer
- Read-only access to analytics data
- Can view all reports and dashboards
- Can export data
- Cannot modify settings or invite others
Inviting Team Members
- Go to Settings → Visibility → Team Members
- Click Invite Member
- Enter their email address
- Select a role (Admin or Viewer)
- Click Send Invitation
The invitee will receive an email with instructions to join.
Managing Team Members
Change role:
- Find the team member in the list
- Click the role dropdown
- Select new role (Admin or Viewer)
Remove member:
- Find the team member in the list
- Click Remove
- Confirm the action
Removed members immediately lose access to the dashboard.
Pending Invitations
View and manage pending invitations:
- Resend - Send the invitation email again
- Revoke - Cancel the invitation before it's accepted
API Keys
Generate API keys for programmatic access to your analytics data.
Creating an API Key
- Go to Settings → Visibility → API Keys
- Click Generate New Key
- Enter a descriptive name (e.g., "Production Server", "Mobile App")
- Select permissions:
- Read-only - Can only fetch stats (recommended)
- Write - Can send custom events from backend
- Click Generate
- Copy the key immediately (it won't be shown again)
Example API key:
ovyxa_sk_1234567890abcdef
Using API Keys
Include the API key in the Authorization header:
curl https://api.ovyxa.com/v1/stats/overview \
-H "Authorization: Bearer ovyxa_sk_1234567890abcdef" \
-H "Content-Type: application/json"
See our API documentation for detailed usage.
Managing API Keys
View active keys:
- Name and description
- Creation date
- Last used date
- Permissions
Rotate keys:
- Generate a new API key
- Update your applications to use the new key
- Delete the old key once migration is complete
Delete keys:
- Find the key in the list
- Click Delete
- Confirm the action
Deleted keys stop working immediately. Any applications using them will receive authentication errors.
Security Best Practices
API Keys
- Never commit keys to version control - Use environment variables
- Use separate keys per application - Easier to rotate if compromised
- Prefer read-only keys - Only use write permissions when necessary
- Rotate keys regularly - Update keys every 6-12 months
- Delete unused keys - Remove keys for deprecated applications
Team Access
- Use viewer role by default - Only grant admin when needed
- Review team members regularly - Remove inactive users
- Use work emails - Avoid personal email addresses
- Monitor access logs - Check who's accessing your data (Pro plan)
Public Dashboards
- Share selectively - Only make public if necessary
- Monitor traffic - Check if your public link is being misused
- Revoke when done - Disable public access after temporary sharing
- Don't share sensitive sites - Keep internal tools private
Sharing Best Practices
When to Use Public Dashboards
Good use cases:
- Marketing landing pages
- Open source projects
- Public blog or content site
- Transparency for community projects
Avoid for:
- Internal business applications
- E-commerce checkout flows
- User dashboards or portals
- Sites with sensitive business data
When to Invite Team Members
Good use cases:
- Giving access to colleagues
- Sharing with clients (viewer role)
- Collaborating with agencies (admin role)
- Onboarding new marketing team members
When to Use API Keys
Good use cases:
- Sending server-side events
- Building custom dashboards
- Automating reports
- Integrating with other tools
Privacy Considerations
All visibility settings respect Ovyxa' privacy-first approach:
- Public dashboards show only aggregated data
- No individual visitor tracking data is ever exposed
- IP addresses are never shown to anyone
- Team members see the same privacy-safe data
Your visitors' privacy is protected regardless of visibility settings.
Need Help?
Questions about sharing or team management?
- Review our API documentation
- Contact support at support@ovyxa.com
- Check our security documentation