Skip to main content
Version: 0.9.14

Users and roles

Path: /settingsUsers tab

Manage team membership and roles. See Role and access model for the full permission matrix.

Columns

ColumnDescription
First NameUser's first name.
Last NameUser's last name.
EmailUser's email.
RoleTeam role: ADMIN / MEMBER / VIEWER.
ActiveWhether the user account is active.

Roles

RoleWhat they can do
ADMINFull team control — settings, members, variables, header manipulation, API keys, flow activation.
MEMBERCreate / edit apps, providers, agents, flows, scenarios. View conversation logs. No team settings.
VIEWERRead-only access; no logs.

Constraints

  • You cannot change your own role — another ADMIN or SUPERUSER must do it.
  • A user can belong to multiple teams with different roles.

Workflows

Add a user

  1. Click Add User.
  2. Pick a user from the dropdown (platform users not yet in the team).
  3. Assign a role.
  4. Save.

Change a role

Edit the role via the dropdown in the table row and save.

Remove a user

Use the row action; confirm the removal. Access is revoked immediately.

Reset a user's password

Admins can send a password-reset email to a user from the Users tab. The user receives the reset link by email and sets a new password through the normal password flow.

Security controls

v0.9.13 adds account-level protections that apply across teams:

  • Repeated failed login attempts temporarily lock the account.
  • Passwords can expire based on the platform password policy; users are warned before expiry and directed to the change-password flow.
  • Deployments can limit how many active sessions one user may hold at the same time. If the user reaches the limit, the next login is rejected until an older session expires or is closed.

SuperUsers can also review authentication and role-management access events from the platform administration views.

See also