Team Access & RBAC
Invite team members, assign roles, and control exactly what each person can see and do.
Role-based access control (RBAC) means every team member gets the permissions their job actually requires — nothing more. A field technician never sees invoice margins. An estimator can't accidentally delete a contact. The Owner controls everything and can override any setting at the individual level.
Roles
Six predefined roles cover every position in a typical contractor business. You can also set custom per-user overrides on top of any role.
- Owner: Full access to everything. Can manage billing, integrations, API keys, and delete the account. Only one Owner per organization.
- Admin: Full operational access. Can invite/remove users, configure workflows, and see all financial data. Cannot manage billing.
- Office Manager: Manages scheduling, conversations, invoices, and follow-ups. Can see job costs but not profit margins. Cannot change system settings.
- Field Technician: Mobile-focused. Can view assigned jobs, update project status, capture photos, log time, and submit receipts. No financial access.
- Estimator: Creates and manages estimates. Can view contacts and project history. Cannot see processed payments or modify invoices after approval.
- Viewer: Read-only access to contacts, projects, and reports. Cannot create, edit, or delete anything. Useful for silent partners or accountants.
Permissions Matrix
● Full access · ◐ Partial · ○ No access
| Feature | Owner | Admin | Office Mgr | Field Tech | Estimator | Viewer |
|---|---|---|---|---|---|---|
| Contacts & CRM | | | | | | |
| View contacts | ● | ● | ● | ◐ | ● | ● |
| Create / edit contacts | ● | ● | ● | ○ | ◐ | ○ |
| Delete contacts | ● | ● | ○ | ○ | ○ | ○ |
| Projects & Jobs | | | | | | |
| View projects | ● | ● | ● | ◐ | ● | ● |
| Create / update projects | ● | ● | ● | ◐ | ◐ | ○ |
| View job costs & margins | ● | ● | ◐ | ○ | ○ | ○ |
| Financials | | | | | | |
| View invoices | ● | ● | ● | ○ | ◐ | ● |
| Create / send invoices | ● | ● | ● | ○ | ○ | ○ |
| View transaction history | ● | ● | ● | ○ | ○ | ◐ |
| Create estimates | ● | ● | ● | ○ | ● | ○ |
| Conversations & Messaging | | | | | | |
| View conversations | ● | ● | ● | ◐ | ○ | ○ |
| Send messages | ● | ● | ● | ◐ | ○ | ○ |
| Settings & Automation | | | | | | |
| Manage workflows | ● | ● | ○ | ○ | ○ | ○ |
| Manage integrations | ● | ● | ○ | ○ | ○ | ○ |
| Invite / remove users | ● | ● | ○ | ○ | ○ | ○ |
| Manage billing | ● | ○ | ○ | ○ | ○ | ○ |
Invite a Team Member
Invites are sent by email with a one-click sign-up link. The link expires after 48 hours. You can resend or revoke any pending invite.
Invite form fields:
- Email Address (e.g. technician@example.com)
- Role — Field Technician · Estimator · Office Manager · Admin · Viewer
The invited person receives an email with a secure link to create their account. They're added to your organization once they sign up.
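One way to back the invite lifecycle described above (48-hour expiry, resend, revoke, single use), as an added example that is not the product's own code. The `InviteStore` class and its method names are hypothetical; storing only a hash of the token and rotating it on resend are design assumptions, not behaviour stated on this page.

```python
import hashlib
import secrets
from datetime import timedelta

INVITE_TTL = timedelta(hours=48)  # expiry stated on the page
# Roles offered in the invite form; Owner is not among them.
INVITABLE = {"Field Technician", "Estimator", "Office Manager", "Admin", "Viewer"}

def _digest(token):
    return hashlib.sha256(token.encode()).hexdigest()

class InviteStore:
    """Hypothetical in-memory store: keeps sha256(token), never the token."""

    def __init__(self):
        self._by_hash = {}

    def issue(self, email, role, now):
        if role not in INVITABLE:
            raise ValueError("role cannot be granted by invite")
        # Resend rotates: any earlier link for this address stops working.
        self._by_hash = {h: r for h, r in self._by_hash.items()
                         if r["email"] != email}
        token = secrets.token_urlsafe(32)  # 256 bits of randomness
        self._by_hash[_digest(token)] = {
            "email": email, "role": role,
            "expires": now + INVITE_TTL, "status": "pending",
        }
        return token  # placed in the emailed link only

    def revoke(self, email):
        for rec in self._by_hash.values():
            if rec["email"] == email and rec["status"] == "pending":
                rec["status"] = "revoked"

    def redeem(self, token, now):
        """Return (email, role) once for a live token, otherwise None."""
        rec = self._by_hash.get(_digest(token))
        if rec is None or rec["status"] != "pending" or now >= rec["expires"]:
            return None
        rec["status"] = "accepted"  # single use
        return rec["email"], rec["role"]
```

The role comes from the stored record at redemption time, so nothing in the link itself can change which role the new account receives.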
Pending Invites
| Email | Role | Sent | Status | Actions |
|---|---|---|---|---|
| mike.santos@gmail.com | FIELD | 2026-05-14 | Pending | Resend · Revoke |
| sarah@acmecontracting.com | OFFICE | 2026-05-10 | Expired | Resend · Revoke |
Team Members
| Name | Role | Email | Since |
|---|---|---|---|
| Jonathon Byrdziak | OWNER | jonathon@merchantprotocol.com | Jan 2025 |
| Tony L. | ADMIN | tony@merchantprotocol.com | Mar 2025 |
| Carlos R. | FIELD | carlos@merchantprotocol.com | Apr 2025 |
| Amy K. | OFFICE | amy@merchantprotocol.com | Apr 2025 |
Custom Permission Overrides
Sometimes a role doesn't quite fit. You can override individual permissions for any user without creating a custom role. Overrides are visible in the audit log and can be removed at any time.
- Grant extra access: e.g., give a Field Technician read access to their own invoices.
- Restrict default access: e.g., prevent an Office Manager from sending messages on a specific project.
- Scoped overrides: some overrides can be limited to a specific project, contact, or date range.
- Inherited role still applies: overrides layer on top — they don't replace the base role entirely.
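
A sketch of how overrides can layer on top of a base role, added here as an example and not taken from the product's code. The permission keys (`invoices.view`, `messages.send`), the `Override` type, project 2001 and the date-range override are hypothetical; treating partial (◐) cells as not granted and letting a deny beat a grant are assumptions, since the page specifies neither.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

# Two rows from the permissions matrix, full-access cells only.
# Assumption: partial cells are treated as not granted, because the page
# does not define their scope.
ROLE_GRANTS = {
    "invoices.view": {"Owner", "Admin", "Office Manager", "Viewer"},
    "messages.send": {"Owner", "Admin", "Office Manager"},
}

@dataclass(frozen=True)
class Override:
    user: str
    permission: str
    effect: str                      # "grant" or "deny"
    project: Optional[int] = None    # None = applies to every project
    start: Optional[date] = None     # None = no lower bound
    end: Optional[date] = None       # None = no upper bound

    def matches(self, user, permission, project, on):
        return (self.user == user and self.permission == permission
                and self.project in (None, project)
                and (self.start is None or on >= self.start)
                and (self.end is None or on <= self.end))

def is_allowed(user, role, permission, project, on, overrides):
    """Matching deny wins, then matching grant, then the base role; else deny."""
    effects = {o.effect for o in overrides
               if o.matches(user, permission, project, on)}
    if "deny" in effects:
        return False
    if "grant" in effects:
        return True
    return role in ROLE_GRANTS.get(permission, set())

# Constructed overrides mirroring the page's examples.
OVERRIDES = [
    Override("Carlos R.", "invoices.view", "grant", project=1042),
    Override("Amy K.", "messages.send", "deny", project=2001),
    Override("Carlos R.", "messages.send", "grant",
             start=date(2026, 5, 1), end=date(2026, 5, 7)),
]
```

Because the base role is the last fallback, removing an override returns the user to exactly what the matrix gives their role.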
Audit Log
Every permission change, login, invite, and access event is logged with a timestamp, the user who made the change, and what changed. Admins can export the full log.
| Time | Event |
|---|---|
| Today 9:42 AM | Jonathon B. invited mike.santos@gmail.com as Field Technician |
| Today 8:15 AM | Tony L. changed role for Amy K. from Viewer → Office Manager |
| Yesterday 3:30 PM | Jonathon B. added custom override: Carlos R. — view invoices for Project #1042 only |
| May 10, 2:00 PM | System — Invite for sarah@acmecontracting.com expired (no action taken) |
| May 10, 9:00 AM | Tony L. logged in from 192.168.1.42 (mobile) |
Open Questions
- Should Field Technicians be able to see their own payout / job earnings, or strictly no financial data?
- Multi-org support — can a technician belong to multiple organizations (e.g., a subcontractor working for two businesses)?
- SSO / Google Workspace login — priority for larger teams?
- Role templates for common setups (e.g., "solo operator", "small team", "multi-crew") to speed up onboarding?