Teams & Users
Invite teammates, manage roles, and keep access scoped to your business.
Teams & Users
Your access is enforced at the API layer via memberships. This page gives you a calm, safe way to manage it.
Signed in as: … · Role: STAFF
Team Members
Members can be Owners, Admins, or Staff. Only Owners/Admins can change access.
Owner promotions can only be done by an existing Owner.
Invitations
Create a secure invite link and share it with a teammate. Invites expire automatically.
Note: for security, invite links are only shown when you create or refresh them. Older invites can be canceled here, but their token can’t be re-shown without refreshing.
Roles & Access
Owner can manage all users and invites. Owners are protected from being removed or suspended if it would lock the business.
Admin can manage team members (roles/status) and invites. Billing and subscription controls are intentionally excluded.
Staff is view-only. You’ll still see all controls, but they’ll be disabled with a clear tooltip so nothing is “mysteriously missing.”
Infrastructure note: business scope is enforced server-side via `BusinessUser` membership. UI is a convenience layer, not the source of truth.
Role capabilities
Summary view based on the current permission matrix. This is not app-by-app.
| Role | View | Create drafts | Edit drafts | Apply | Export | Manage team | Manage settings |
|---|---|---|---|---|---|---|---|
| Owner | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Admin | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Staff | ✓ | ✓ | ✓ | ✓ | ✓ | — | ✓ |
Safety & trust
- Access is scoped to this business only.
- Invites expire and can be canceled.
- Sensitive access changes are logged.
- No shared accounts.
- Roles use deny-by-default permissions.
