Run your workspace
Members & roles
A workspace can have many members, each with a role. Roles determine what they can do โ manage agents, see billing, kick other members. This page covers the roles, the invitation flow, and what changes when a member is added or removed.
Roles
Four roles, in order of authority:
| Role | Can do |
|---|---|
| Owner | Everything an Admin can plus manage billing. Only role that can subscribe / change plans / cancel. |
| Admin | Manage members and invitations. Manage agents, knowledge, behavior rules, integrations. Read all conversations and leads. Cannot manage billing. |
| Editor | Manage agents, knowledge, behavior rules. Read all conversations and leads. Cannot manage members or billing. |
| Viewer | Read-only. View agents, conversations, leads, analytics. Cannot edit anything. |
Roles live in the workspace_users pivot table; the
WorkspaceRole enum exposes capability methods โ
canManageAgents() (Owner / Admin / Editor),
canManageMembers() (Owner / Admin),
canManageBilling() (Owner only),
canViewAnalytics() (everyone) โ used by the policy layer.
Inviting
From /app/members, an Owner or Admin can invite by email.
The invite gets emailed with a tokenized link to
/invitations/{token}. Clicking it:
- Shows the invite preview (workspace name, who invited, role).
- Asks the visitor to log in or sign up if they aren't.
- On accept, attaches them to the workspace with the assigned role and redirects to the dashboard.
Invites expire after 7 days. They can be revoked from the same page before they're accepted.
Changing roles
Owners and Admins can change other members' roles. Admins can't touch other Admins or the Owner. The change takes effect immediately โ no re-login needed.
Removing
Removing a member detaches them from the workspace. Their conversations they took over stay attributed to them historically (the audit log keeps actor IDs). Their personal account survives โ they just lose access to this workspace.
Owner transfer
Every workspace has exactly one Owner. Transferring ownership is a two-step:
- The current Owner picks a target member and clicks Transfer.
- The target accepts in their notifications. Until they accept, the transfer is pending.
The original Owner becomes an Admin after the transfer. They can be demoted further if needed.
Multi-workspace users
A user can be a member of any number of workspaces. The sidebar's workspace switcher (visible only when there are 2+ memberships) lets them jump between. Each workspace has its own role for the user โ an Owner of one might be a Viewer of another.
The "current workspace" is resolved from the user's
default_workspace_id field. Switching writes the new ID.
All tenant-scoped queries thereafter run against that workspace.
Audit log
Member changes โ invitations sent, accepted, revoked, role changes,
ownership transfers, removals โ write rows to the audit_logs
table for forensic traceability. There's no UI page for browsing the
audit log in v1; query the table directly when you need to investigate.