Resources

Documentation

Everything you need to get started, integrate, and get the most out of Topogy.

Token usage visibility

Topogy shows AI token usage — token counts, cost, and activity — across your organization. What each person can see is controlled by their role. You can let everyone see their own usage, give managers their team's usage, and give admins the whole organization — all from the same set of controls. This guide explains those controls and how each visibility level behaves.

How visibility is controlled

Usage visibility comes from two permissions on a role. You configure a role's permissions under Settings → Roles, then assign the role to people under Settings → Members. The two permissions work together:

PermissionWhat it controls
Token UsageWhose usage figures a person can see — token counts, cost, and activity.
Token Usage AttributionWhose names appear next to those figures. Where a person lacks attribution for someone, that someone shows anonymized (for example, "Member 3") instead of by name.

Splitting the two lets you, for instance, show a manager the numbers for everyone in the org while only revealing names for their own team.

The three visibility levels

Each of the two permissions is set to one of three levels. The level answers the question "whose data?".

LevelA person with this level sees…Typical role
SelfOnly their own usage — nothing about any teammate.Individual contributor
TeamEveryone on their own team (or teams). Other teams' usage is not returned at all.Team lead / manager
AllEvery member across the whole organization.Admin

The two permissions can sit at different levels on the same role. A common example: Token Usage at All and Token Usage Attribution at Team — the person sees org-wide numbers, but only their own team's members are named; everyone else is anonymized.

Self and All need no extra setup — "myself" and "the whole organization" are unambiguous. The Team level is the one that depends on your org structure, because Topogy has to work out which team the viewer belongs to. The rest of this guide covers that.

How the Team level finds a person's team

With the Team level, Topogy answers "which team does the person viewing the dashboard belong to?" each time the page loads, so it always reflects your current org structure. The steps are:

  1. Identify the viewer by their account email. Topogy uses the email address on the person's Topogy account.
  2. Match that email to a person in your organization chart. Topogy looks that email up against the people in your org structure, managed under Settings → Teams & People.
  3. Read the team (or teams) that person belongs to. Team membership lives in Teams & People.
  4. Return usage for the members of those teams only. Everyone on the viewer's team is included; other teams never appear in the results.

Because the team is derived from the viewer every time, one Team-level role automatically shows each team lead their own team. You don't create a separate role per team, and there is no team to keep in sync on the role itself.

What the Team level needs in place

Team-scoped visibility is only as accurate as the org structure it reads from. Two things must be true for a Team-level person to see the right data:

  • The person is in Teams & People, on the correct team. Team membership comes from your org structure — not from your identity provider's groups. Groups from Okta drive which role a person gets (see Okta Group Sync); Teams & People decides which team they're on. These are two different things.
  • Their account email matches their Teams & People email. The link between the person signing in and their place in the org chart is made by email address, so the two need to agree.

If the emails don't match, the view is empty — not wrong. If a person's account email can't be matched to anyone in your org chart, Topogy can't determine their team, so a Team-level view shows them nothing rather than guessing. This fails safe — no one is ever shown another team's data by accident — but to the person it looks like an empty dashboard. If someone reports missing usage, check first that the email they sign in with appears against their entry in Settings → Teams & People.

Example: give team leads visibility into their own team

Say you want every team lead to see their own team's AI usage, with names, and nothing from other teams.

  1. Create (or choose) a "Team Lead" role under Settings → Roles. Grant it Token Usage at the Team level, and Token Usage Attribution at the Team level so teammates show by name.
  2. Assign the role to your leads under Settings → Members — directly, or by mapping an Okta group to the role so assignment stays automatic.
  3. Confirm each lead is on their team under Settings → Teams & People, using the email they sign in with. This is the step that decides which team each lead sees.

Each lead now sees usage for their own team's members, by name. Another lead with the same role sees their team — the roles are identical; the data differs because the viewer differs.

Troubleshoot

  • A Team-level dashboard is empty — the account email that person signs in with almost certainly doesn't match their entry in Teams & People. Confirm they exist in your org structure with that exact email, on the expected team.
  • A person sees the wrong team, or is missing teammates — check their team membership under Settings → Teams & People; that's the single source Topogy reads for the Team level.
  • Numbers show but names are masked as "Member N" — the person has Token Usage at their level but Token Usage Attribution at a narrower level. Raise the attribution permission to match.

For help setting this up, reach out to your Topogy contact or email support@topogy.com.