Inviting Members
Go to Settings -> Membership and click Invite. Enter an email address, choose a role, and send. Invitations expire after 7 days. If invite review is enabled for your workspace, members can submit invite requests and admins can approve or reject them before an email is sent.Roles
Every organization has two system roles:| Role | Access |
|---|---|
| Admin | Holds every permission: settings, members, invitations, seats, integrations, billing, org-wide access, usage visibility, and access controls |
| Member | Use chats, agent work, files, Library, and shared integrations, plus view-only access to roles, guardrails, and the audit log |
Guardrails
Guardrails are binding prompt constraints that admins can scope to the entire organization, a specific role, or a specific member. They are injected into the agent’s instructions for matching users, take precedence over personal instructions and saved memories, and all matching guardrails apply together. Use them to enforce standing rules such as “never send external emails without approval” or team-specific working agreements.Audit Log
The audit log records member, role, and guardrail changes across the organization: invitations, role changes, member removal, user deactivation and reactivation, password resets, and role or guardrail creation, updates, and deletion. Each entry shows the action, who performed it, the target, and the timestamp.Managing Members
In Settings -> Membership, admins can:- Change roles via the dropdown next to any member
- Deactivate a user: they are logged out of every session and can no longer sign in, but stay in the member list and can be reactivated at any time
- Remove members from the organization
- Search and filter by name, email, or role
- Cancel invitations that haven’t been accepted
- Review invitation requests submitted by members
- Track seat usage and open Plans to add seats when needed
| Status | Meaning |
|---|---|
| Active | Accepted and using the platform |
| Pending | Invitation sent, awaiting acceptance |
| Expired | Invitation expired after 7 days |
Removing a member automatically pauses all of their Loops so recurring work does not keep running under an account that has left, and the removal is recorded in the audit log.
Seats
The Membership page shows active member count against available seats. If your workspace is at capacity, admins can open Plans to add seats. Non-admins should ask an admin to add seats or approve invites.Access and Sharing
Team membership controls who can use the organization workspace. Access to individual files, folders, integrations, and external systems may still depend on sharing settings, org-wide access, OAuth scopes, API key permissions, and roles in the connected service.Settings
Configure workspace preferences
Security
Data protection and privacy