Members
Member management covers two distinct levels: organisation membership (who has a platform account in your organisation) and workspace membership (which of those organisation users can access a specific workspace and at what level).
Who can use it
| Capability | ORG Member | ORG Admin |
|---|---|---|
| Add users to the organisation | No | Yes |
| View org members (search) | No | Yes |
| Add/remove members from a workspace | Workspace Admins only | All workspaces |
| Change a workspace member's role | Workspace Admins only | All workspaces |
Organisation Membership
Platform Roles
Every user in the organisation has one of two platform roles:
| Role | Description |
|---|---|
| ORG Admin | Full access to all platform features including Settings, Billing, Audit Log, and workspace administration. The first ORG Admin is created during registration. |
| ORG Member | Access to the full Discover to Build workflow, Workspaces (where they are a member), Insights, and Costs. Read-only access to Billing. |
New users created via the member invitation API are always assigned the ORG Member role. There is no way for a user to self-assign the ORG Admin role.
Adding a New User to the Organisation
There is currently no self-serve invite UI on the platform. New organisation users are created via the platform's member API (POST /api/admin/members). When a new user is created:
- They are added to the organisation with the ORG Member role
- A welcome email is sent to the provided email address with login instructions
- The event is recorded in the Audit Log as
member.invited
To create a new org user, contact your platform operator or use the API directly with an ORG Admin session token.
Once an org user account exists, they can be added to any workspace by an ORG Admin or Workspace Admin.
Searching Organisation Members
ORG Admins can search across all organisation members. The global site search (Cmd+K / Ctrl+K) includes a live member search that queries the organisation's user list. This is useful when adding users to workspaces, as the workspace member picker uses the same member list.
Workspace Membership
Workspace membership controls who can see and work within a specific workspace. Users must be existing organisation members to be added to a workspace. Workspace membership does not create new platform accounts.
Workspace Roles
| Role | View workspace | Assign products/projects | Manage members |
|---|---|---|---|
| Workspace Viewer | Yes | No | No |
| Workspace Collaborator | Yes | Yes | No |
| Workspace Admin | Yes | Yes | Yes |
ORG Admins have implicit Workspace Admin access to every workspace in the organisation without needing an explicit membership row.
Adding a Member to a Workspace
- Navigate to Workspaces and open the workspace you want to manage.
- Go to the Members tab.
- Click Add Member.
- Search for an existing organisation user by name or email.
- Select the user and assign their workspace role (Viewer, Collaborator, or Admin).
- Confirm. The user now sees this workspace in their Workspaces list.
Only ORG Admins and existing Workspace Admins of a given workspace can add members to it.
Changing a Member's Workspace Role
- Open the workspace detail page and go to the Members tab.
- Find the member whose role you want to change.
- Use the role selector on their row to change their role.
- The change takes effect immediately.
Removing a Member from a Workspace
- Open the workspace detail page and go to the Members tab.
- Find the member you want to remove.
- Use the remove action on their row.
- Confirm. The user will no longer see this workspace in their list and will lose access to its contents.
Removing a user from a workspace does not delete their organisation account or affect their access to other workspaces.
How to use it to solve your problem
Onboarding a new team member
- Have the new user account created via the member API (contact your platform operator).
- Once their account is active, navigate to the relevant workspace(s) in Workspaces.
- Go to the Members tab of each workspace they should access.
- Click Add Member, find the user, assign the appropriate workspace role, and confirm.
- The new member can now log in and will see the workspaces they have been added to.
Granting a stakeholder read-only access
- Have the stakeholder's account created as an ORG Member (via the member API).
- Add them to the relevant workspace(s) as a Workspace Viewer.
- They can log in and see the products, projects, and members in those workspaces but cannot make any changes.
Restricting a contractor to a specific workspace
- Ensure the contractor has an ORG Member account.
- Add them only to the workspace(s) relevant to their work, with the appropriate role.
- As an ORG Member, they will only see workspaces they have been explicitly added to. They will not see other teams' or clients' workspaces.
How it fits the broader picture
Membership management is the access control layer that sits on top of workspaces. The platform's data isolation model works as follows:
- All data is scoped to the organisation. No data is shared between organisations.
- Within an organisation, workspace membership controls which users can see which products and projects.
- Platform roles (ORG Admin vs ORG Member) control access to administrative features.
Setting up membership correctly ensures that each team or client sees only the work relevant to them while ORG Admins retain full visibility and control.
For workspace configuration, see Workspaces. For a full role access matrix, see Admin Overview.