Manage members and access
Invitation, role, and segregation-of-duties management for organizations.
howto • updated 2026-03-15
Goal
Ensure each person only has access required for their job responsibilities.
Role model
OWNER: governs risk, billing, and final approvals.ADMIN: runs configuration and team management.MEMBER(or equivalent): daily execution with limited permissions.
Recommended process
11) Invite with minimum role
Start from least privilege and promote only with justified need.22) Validate organization scope
Confirm each member can access only relevant organizations.33) Review access periodically
Run monthly reviews for active members, pending invites, and elevated roles.44) Track critical changes
Keep audit trail for promotions, demotions, and removals.
Critical controls
- Do not leave organization ownership dependent on a single person.
- Disable inactive high-privilege accounts.
- Expire stale pending invites.