Users & Roles
Roles
| Role | Permissions |
|---|---|
| Owner | Full access to everything including billing and account deletion. One per account. |
| Admin | Full access except billing and account deletion. Can invite/remove users. |
| Editor | Can manage properties, banners, vendors, and policies. Cannot manage users or billing. |
| Viewer | Read-only access. Can view dashboard data and download reports. Cannot make changes. |
| Client Viewer | (Agency only) Read-only access scoped to a specific client's properties. |
Inviting a team member
- Account → Users → Invite User
- Enter their email address
- Select a role
- Click Send Invite
The invited user receives an email with a link to create their account. The link expires after 7 days.
Changing a user's role
Account → Users → [User] → Change Role
You cannot demote the only Owner. Transfer ownership first if needed.
Removing a user
Account → Users → [User] → Remove
The user loses access immediately. Their past actions (commits, publishes) remain in the audit log.
Transferring ownership
Account → Users → [User] → Transfer Ownership
The current Owner becomes an Admin. The selected user becomes the new Owner. Both users receive a confirmation email.
Two-factor authentication
Require 2FA for all team members:
Account → Security → Require 2FA → Enable
Users without 2FA are locked out until they configure it.
SSO (Enterprise)
Enterprise plans support SAML 2.0 SSO with your identity provider (Okta, Azure AD, Google Workspace, etc.).
Configure at Account → Security → Single Sign-On.