Members and roles: who can do what
Workspace member management — invite users, assign roles (owner, admin, member), set per-member permissions, audit who did what.
Updated May 6, 2026
Members are the people inside your workspace. Roles control what each of them can do.
Roles
| Role | Can do | Can't do |
|---|---|---|
| Owner | Everything, including billing and deleting the workspace | — |
| Admin | Manage agents, calls, KB, campaigns, members, branding | Delete the workspace, transfer ownership |
| Member | Use agents, place calls, view transcripts | Manage other members, change billing, modify production agents |
| Viewer | Read-only access to dashboards and reports | Anything that mutates state |
The owner is set at workspace creation and is the only role that can transfer ownership.
Inviting a member
In the dashboard:
- Settings → Members → Invite
- Enter email, pick role
- Send
The recipient gets an email with a link. They create an account (or log in if they have one) and land in your workspace.
Or via API:
```bash
curl -X POST https://api.call2me.app/v1/members/invitations \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "alice@example.com",
    "role": "member"
  }'
```
The invitation expires in 7 days if not accepted.
Changing roles
From Settings → Members, click the role dropdown on a member row. Changes take effect immediately — the next API call or dashboard action uses the new role.
Removing a member
Settings → Members → Remove (or DELETE /v1/members/{id}). The removed user can no longer log into the workspace. Their past actions remain in the audit log.
Important: removing a member does NOT revoke API keys they created. Keys belong to the workspace. To revoke, do it explicitly from Settings → API Keys.
Audit log
Every member action is logged:
- API key created / revoked
- Agent / KB / campaign created / updated / deleted
- Member invited / removed / role changed
- Billing events (top-up, refund, payment-method change)
View at Settings → Audit Log. Filterable by member, action type, and date.
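Because removing a member leaves the API keys they created active, the logged events above are enough to run an offboarding check: replay an audit-log export and list keys that are still live although their creator has been removed. This is an added example, not Call2Me code; the record fields (`ts`, `actor`, `action`, `target`), the action strings and the sample events are constructed assumptions, since this page does not document an export schema.

```python
from datetime import datetime

# Constructed sample export, deliberately out of time order.
# Field names and action strings are assumptions, not a documented schema.
AUDIT_EVENTS = [
    {"ts": "2026-03-10T08:30:00", "actor": "admin@example.com",
     "action": "api_key.revoked", "target": "key_A2"},
    {"ts": "2026-03-02T10:15:00", "actor": "alice@example.com",
     "action": "api_key.created", "target": "key_A1"},
    {"ts": "2026-03-05T14:00:00", "actor": "alice@example.com",
     "action": "api_key.created", "target": "key_A2"},
    {"ts": "2026-03-06T11:20:00", "actor": "bob@example.com",
     "action": "api_key.created", "target": "key_B1"},
    {"ts": "2026-04-01T12:00:00", "actor": "owner@example.com",
     "action": "member.removed", "target": "alice@example.com"},
    {"ts": "2026-04-02T09:00:00", "actor": "carol@example.com",
     "action": "api_key.created", "target": "key_C1"},
    {"ts": "2026-04-20T16:00:00", "actor": "owner@example.com",
     "action": "member.removed", "target": "carol@example.com"},
    {"ts": "2026-04-20T16:05:00", "actor": "owner@example.com",
     "action": "api_key.revoked", "target": "key_C1"},
]


def orphaned_keys(events):
    """Return (key, creator, removed_at) for live keys whose creator was removed.

    Events are replayed in timestamp order so the result does not depend on
    the order of the export, and a revocation by any actor clears the key.
    """
    live = {}     # key id -> member who created it
    removed = {}  # member -> timestamp of removal
    for ev in sorted(events, key=lambda e: datetime.fromisoformat(e["ts"])):
        action, target = ev["action"], ev["target"]
        if action == "api_key.created":
            live[target] = ev["actor"]
        elif action == "api_key.revoked":
            live.pop(target, None)
        elif action == "member.removed":
            removed[target] = ev["ts"]
    return sorted(
        (key, creator, removed[creator])
        for key, creator in live.items()
        if creator in removed
    )


if __name__ == "__main__":
    for key, creator, when in orphaned_keys(AUDIT_EVENTS):
        print(f"{key}: created by {creator}, removed {when}, still active")
```

Each key the check reports is a candidate for explicit revocation from Settings → API Keys.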
Per-member usage
The dashboard's Members view shows per-member usage stats:
- Number of calls placed
- Total spend
- Most-used agents
Useful for cost attribution in larger teams.
Tenants — when this gets richer
If you're operating in white-label mode (see White-Label), the Members concept extends one level up — your tenant has admins who can manage many workspaces, each of which has its own members.
Most non-white-label accounts can ignore tenants entirely.
What's next
- Authentication — API keys vs. user sessions
- Security — audit logs, encryption, PII handling
- White-Label — the tenant layer above members
Frequently asked
Q. What's the difference between a workspace and a tenant?
A workspace is one customer account with its own agents, calls, wallet, and members. A tenant is the white-label brand layer above one or more workspaces — relevant only when you're reselling. Most accounts are a single workspace.
Q. How many members can a workspace have?
No fixed limit. The number you should add is bounded by what's safe — every member with admin role can spend wallet credits, modify production agents, and see transcripts. Keep admin roles tight.
Q. Can I invite someone outside my company?
Yes — invitations are by email. They don't need to be on your domain. The dashboard sends the invite link; the recipient creates an account and joins your workspace on accept.
Q. What happens to a removed member's API keys?
API keys are workspace-scoped, not user-scoped — they keep working when a member is removed. To revoke, manually revoke the keys from the audit log or rotate them.