Users
User management allows you to invite team members, assign roles, and control access across your organization. Users can belong to multiple workspaces with different roles in each, providing flexible access control. Proper user management ensures that the right people have the right access at the right time.
Understanding User Management
The Users system manages access by combining user accounts with role assignments and workspace scoping.
User Accounts
Each team member has a user account with email, name, and authentication credentials. Users must be invited and accept invitations to join.
Role Assignment
Users are assigned one or more roles, which determine their permissions. Roles can be assigned per workspace, allowing different access levels in different contexts.
Workspace Scoping
Users can belong to multiple workspaces, each with potentially different roles. This provides flexible access control across organizational boundaries.
Common Use Cases
Onboarding New Team Members
Invite new employees and assign appropriate roles based on their job functions. They receive email invitations and can join immediately after accepting.
Role Changes
When team members change roles or responsibilities, update their role assignments. Changes take effect immediately across all assigned workspaces.
Offboarding
When team members leave, deactivate or remove their access immediately to maintain security. This prevents unauthorized access to sensitive data.
Multi-Workspace Access
Assign users to multiple workspaces with different roles in each. Perfect for agencies managing multiple clients or cross-department collaboration.
Key Benefits
Centralized Management
Manage all users from one central location. View user details, roles, workspace assignments, and activity in one place.
Secure Access Control
Control who has access to what features through role assignments. Revoke access immediately when needed to maintain security.
Flexible Role Assignment
Assign multiple roles to users and scope roles by workspace. Users can have different access levels in different workspaces.
Audit Trail
Track user access, role assignments, and changes over time. Maintain compliance with security policies and organizational requirements.
Inviting Users
Invite new team members to join your organization and assign them appropriate roles.
Step 1: Navigate to Users
-
1
Go to Roles & Permissions: Navigate to Roles & Permissions in the main navigation menu.
-
2
Click Users: Select Users from the Roles & Permissions submenu (or go to Team Management).
-
3
Click Invite: Look for the Invite User or Add User button, typically at the top of the users list.
Step 2: Enter User Details
Fill in the user information:
Required Information
- Name: The user's full name (e.g., "John Smith")
- Email: The user's email address. This will be used for the invitation and login
- Roles: Select one or more roles to assign to the user
- Workspaces (if applicable): If using workspaces, specify which workspace(s) the user should belong to and which roles apply to each workspace
Email Best Practice: Use company email addresses for traceability and security. Personal emails make it harder to track and manage access, especially when team members leave.
Step 3: Send Invitation
After entering user details:
- Review the user information and role assignments
- Click Send Invitation or Invite
- The user will receive an email invitation with a link to join
- The invitation status will be tracked (pending/accepted)
After Invitation Sent
- The user appears in your users list with "Pending" status
- They receive an email with instructions to join
- Once they accept, their status changes to "Active"
- They can immediately access features based on their assigned roles
Managing User Access
Once users are added, you can manage their access by updating roles, workspaces, or deactivating accounts.
Updating User Roles
When user responsibilities change:
- Go to Roles & Permissions → Users (or Team Management)
- Find the user you want to update
- Click Edit or Manage Roles for that user
- Add, remove, or modify role assignments
- If using workspaces, update workspace-specific role assignments
- Save changes - updates take effect immediately
Immediate Effect: Role changes take effect immediately. Users may need to refresh their browser or log out and back in to see permission changes reflected in the interface.
Deactivating or Removing Users
When users no longer need access:
Deactivate
Temporarily disable access without removing the user account. The user cannot log in, but their data and history are preserved.
Use when: User is on leave, temporarily unavailable, or you want to preserve their data.
Remove
Permanently delete the user account. This action may be irreversible and should be used with caution.
Use when: User has permanently left and you want to clean up the user list. Consider data retention policies first.
Important: Always deactivate or remove user access immediately when team members leave. Delayed access removal is a security risk. Review your organization's data retention policies before permanently removing users.
Best Practices
User Onboarding
- Use Company Emails: Always use company email addresses for traceability and security. Personal emails make it harder to manage access when team members leave.
- Assign Appropriate Roles: Assign roles based on job functions, not individual preferences. Start with minimal permissions and add more only when needed.
- Verify Invitations: Confirm that users receive and accept invitations. Follow up if invitations remain pending for extended periods.
- Provide Context: When inviting users, provide context about what they'll be able to access and what their role entails.
Access Management
- Regular Audits: Regularly review active users against your current team roster. Identify and remove access for users who no longer need it.
- Immediate Updates: Update role assignments immediately when responsibilities change. Don't wait for scheduled reviews.
- Prompt Removal: Deactivate or remove access immediately when team members leave. Delayed access removal is a security risk.
- Workspace Context: Consider workspace context when assigning roles. Users may need different roles in different workspaces.
Security
- Least Privilege: Always grant the minimum access necessary. Users should only have permissions they need for their job functions.
- Regular Reviews: Conduct quarterly reviews of all user access to ensure it still matches current responsibilities.
- Monitor Activity: Periodically review user activity logs (where available) to identify unusual access patterns or potential security issues.
- Document Changes: Document significant access changes for audit purposes and future reference.
Troubleshooting
User did not receive invitation email
Checklist:
- Check email address: Verify the email address was entered correctly. Typos in email addresses will prevent delivery.
- Check spam folder: Invitation emails may be filtered to spam. Ask the user to check their spam/junk folder.
- Email configuration: Verify that email is properly configured in Settings. Check SMTP settings and test email delivery.
- Resend invitation: Try resending the invitation. Some email providers may delay or block first-time emails.
- Check invitation status: Review the invitation status in the Users list. If it shows as "Sent", the email was dispatched successfully.
Cannot assign roles to users
Checklist:
- Check permissions: Ensure you have the necessary permissions to manage users. Typically requires "role_management" or "users" module permissions.
- Verify role exists: Confirm that the role you're trying to assign actually exists. Roles must be created before they can be assigned.
- Workspace context: If using workspaces, ensure you're in a workspace where you have user management permissions.
- Super Admin: Super Admins can always assign roles. If you're a Super Admin and still can't, contact support.