Team — invite users, set permissions, manage members

A workspace can have many members. Each member has their own login, their own audit-log identity, and a permission set that scopes which parts of the admin they can touch. Use this page to invite people, hand out the right permissions, and remove access when someone leaves.

When to enable multi-user

Turn this on once any of these is true:

  • More than one person logs into the admin.
  • You want a clean audit trail of who did what (the audit log uses member identity, not a shared login).
  • You're using SSO — multi-user is implied; SSO members are provisioned just-in-time as Team rows.

Solo operators don't need this — your account email is the only login that exists, and that's fine.

How to invite someone

  1. Admin → Account → Team.
  2. Invite member.
  3. Enter their email address. The invite goes to that email.
  4. Pick a permission set (see below).
  5. Send invite. The invitee gets an email with a one-click acceptance link — when they accept, they set their own password, and the row moves from pending to active.

Invites expire — if the link wasn't used by the invitee, just resend.

Permissions

Each member has a set of toggles that scope what they can do. The Admin flag is the super-power: turn it on and the other toggles are implied. Leave it off for the more granular set:

  • Admin — everything. Settings, SSO, audit, team, billing, knowledge, conversations.
  • Manage billing — payment method, subscription, overage cap, retention. See billing and usage limits.
  • Manage knowledge — snippets, documents, crawl, catalog, contacts. See knowledge base and catalog.
  • View leads — read the Leads page. Without it, the nav entry is hidden.
  • Live takeover / handoffs — read the Handoffs queue and reply to visitors. Required for any operator who actually answers handoffs. See handoff.

Pick the least set that lets the person do their job. The defaults err on the safe side: a new member gets only what you explicitly check. You can edit a member's permissions inline at any time — changes take effect on their next request.

Removing a member

  1. Find the member in the list.
  2. Remove.
  3. Confirm.

They get logged out immediately on next admin request. Their audit-log entries stay — removing a member doesn't rewrite history.

If the person is on SSO and you remove their access in your IdP, they also can't log back in. Removing the Team row is optional cleanup in that case.

Who can manage the team?

Only Admin members. If you don't see the Team entry in the sidebar, your permissions don't include admin — ask whoever does to hand it out.

Common questions

  • How do I add a user? Account → Team → Invite member, enter their email, pick permissions, send.
  • Why can't they see the Leads page? The View leads permission isn't on for their row. Edit and toggle it.
  • Are there per-page permissions beyond this list? No — what the Team page shows is what exists. We'd rather a small set you actually read than a 40-checkbox matrix nobody reviews.
  • Can I have a read-only member? Closest is one with no permissions checked — they can read conversations and dashboard, but every destructive action is hidden.
  • What's the difference between a member and a tenant invite? Team invites add someone to your existing workspace. Tenant invites (an ops feature) create a whole new workspace. You almost certainly want the first.
  • Can I share one login between two people? Technically yes, but audit log credits both their actions to one identity. Invite each person separately — there's no per-seat charge on the Team feature itself.

See also SSO for IdP-mediated login, notifications for per-member alert routing, and audit log for who-did-what tracking.

Where to find us

Stuck? Email [email protected].