Members

An account member is a user with some level of access to that account.

The Free and Pro plans are designed for use by individuals, so accounts in these tiers can only have a single member. Conversely, Business and Enterprise tiers allow an unlimited number of users to be added.

A user can be a member of an unlimited number of accounts, with the sole restriction that only one of these is a Free-tier account.

Permissions

To support accounts with a large number of users - particularly for businesses - it is possible to control resource access using a role-based permission model.

For resources that are part of a project, access is determined by the user's role within that project. If the user is not a member of the project, they have no access - neither read nor write - to the enclosed resources.

For resources that are not part of a project, the level of access is determined by the user's account role. This also controls what account-level actions they can perform.

Decision Tree

This flowchart depicts the logic used to determine a user's access level for a given resource.

Roles

Each account member has a role, which determines which actions they can perform within that account. A user belonging to multiple accounts may have a different role within each.

There are three roles available: Viewer, Editor, Administrator, and Billing Administrator.

Viewer

This role can be thought of as read-only access.

Users with it can view all non-project resources. However, they cannot create any projects, nor can they create or edit any non-project resources. Access to resources within a project is determined by the user's project role.

Like all users, they can join any Open project at any time. They are assigned a project role of Viewer, so only acquire read access.

Thus, it is not possible for a user with this account role to create or edit any resource, unless someone else adds them to a project with a role of Editor or Administrator.

Editor

This role can be thought of as read-write access.

Users with it can create and edit all non-project resources. They can also create projects. Access to resources within a project is determined by the user's project role.

As with Viewers, they can join any Open project by themselves, but only acquire read access to those resources.

Administrator

By default, users with this role can only access the same resources as if they were an Editor. They can create and edit all non-project resources, with their project role respected as usual for items within a project.

However, they can also see a manifest of all account resources - including ones they would not typically have access to - and can force-add themselves to any project at any time. They are therefore able to access any resource.

These users can also modify account settings (excluding billing), and can add, remove, or change the role of other account members (including other Administrators, but excluding Billing Administrators), at any time.

This is a privileged role that few should have, as it grants near-total access. Most users should have an account role of Viewer or Editor, with additional privileges for certain resources given through project membership.

Billing Administrator

This role is similar to Administrator, but these users can also manage billing details.

Specifically, this includes changing the account's plan, viewing or updating payment details, or purchasing extra phone credits.

Additionally, only these users can change the account role of other Billing Administrators or promote another member to this role.

Only appoint this role to individuals who can be trusted with complete access to the account, including viewing payment information.

There must always be at least one Billing Administrator. If you are the only one with this role on an account, you can only leave that account by appointing this role to another member, or by deleting the account.