StackShield

Teams & Settings

Manage your team members, roles, API keys, and account settings.

How teams work

Everything in StackShield is organized by teams. Each team has its own:

  • Domain checks and scan history
  • Issues and tracking
  • Notification settings
  • API keys
  • Subscription plan and billing

When you create an account, a personal team is automatically created for you. You can create additional teams or be invited to other teams.

Team members

Inviting members

To invite someone to your team:

  1. Go to Team Settings from the sidebar
  2. Navigate to the Members section
  3. Enter the person's email address and select a role
  4. Click Invite

The invitee will receive an email with a link to accept the invitation. If they don't have a StackShield account, they'll be prompted to create one.

Roles

Team members can have different roles that control what they can do:

Role Permissions
Owner Full access. Can manage billing, delete the team, manage members and roles, and do everything an admin can do.
Admin Can manage checks, scans, issues, notifications, API keys, and invite/remove members. Cannot manage billing or delete the team.
Member Can view everything, run scans, and manage issues. Cannot change team settings, manage members, or access billing.

Removing members

Team owners and admins can remove members from the team settings page. Removed members immediately lose access to the team's data.

Switching teams

If you belong to multiple teams, you can switch between them using the team switcher in the sidebar. All data you see (checks, scans, issues) belongs to the currently selected team.

API keys

Each team can generate an API key for programmatic access to the REST API and MCP server.

Generating an API key

  1. Go to Team Settings
  2. Navigate to the API Key section
  3. Click Generate API Key
  4. Copy the key immediately — it's only shown once

Important: save your API key

The API key is displayed only once when generated. If you lose it, you'll need to revoke it and generate a new one. Store it securely — treat it like a password.

Using the API key

Include the API key as a Bearer token in the Authorization header: 

Authorization: Bearer sk_your_api_key_here

The API key provides full access to the team's data (checks, scans, issues, stats). See the API Reference for all available endpoints.

Revoking an API key

If your API key is compromised or you simply want to rotate it:

  1. Go to the API Key section in Team Settings
  2. Click Revoke Key
  3. The old key is immediately invalidated
  4. Generate a new key if needed

Any integrations using the old key will stop working immediately, so update them with the new key.

API key vs. CI/CD URLs

The API key is for the REST API and MCP server. For CI/CD scan triggering, StackShield uses hash-based URLs that don't require an API key at all. See CI/CD Integration for details.

Profile settings

Each user has their own profile settings, accessible from the user menu:

  • Name — your display name across the platform
  • Email — your login email and notification address
  • Profile photo — upload a custom avatar
  • Password — change your account password
  • Two-factor authentication — enable 2FA for extra account security (recommended)

Two-factor authentication

We strongly recommend enabling two-factor authentication (2FA) on your account:

  1. Go to your Profile settings
  2. Find the Two-Factor Authentication section
  3. Click Enable and scan the QR code with your authenticator app (Google Authenticator, Authy, 1Password, etc.)
  4. Enter the verification code to confirm
  5. Save your recovery codes in a secure location — these let you access your account if you lose your authenticator
Scheduling Billing & Plans