> ## Documentation Index
> Fetch the complete documentation index at: https://docs.doe.so/llms.txt
> Use this file to discover all available pages before exploring further.

# Team

> Invite members, manage roles and permissions, and audit changes

Team controls live in **Settings -> Membership** for admins, alongside **Roles**, **Guardrails**, and the **Audit log** on enterprise plans.

## Inviting Members

Go to **Settings -> Membership** and click **Invite**. Enter an email address, choose a role, and send. Invitations expire after 7 days.

If invite review is enabled for your workspace, members can submit invite requests and admins can approve or reject them before an email is sent.

***

## Roles

Every organization has two system roles:

| Role       | Access                                                                                                                                       |
| ---------- | -------------------------------------------------------------------------------------------------------------------------------------------- |
| **Admin**  | Holds every permission: settings, members, invitations, seats, integrations, billing, org-wide access, usage visibility, and access controls |
| **Member** | Use chats, agent work, files, Library, and shared integrations, plus view-only access to roles, guardrails, and the audit log                |

System roles cannot be edited. On enterprise plans, admins can also create **custom roles** with granular permissions, covering areas such as member management, invitations, billing, credits, integrations, organization memory, guardrails, usage and activity visibility, Loops administration, and audit access. Deleting a custom role requires reassigning its members to another role first.

## Guardrails

Guardrails are binding prompt constraints that admins can scope to the entire organization, a specific role, or a specific member. They are injected into the agent's instructions for matching users, take precedence over personal instructions and saved memories, and all matching guardrails apply together. Use them to enforce standing rules such as "never send external emails without approval" or team-specific working agreements.

## Audit Log

The audit log records member, role, and guardrail changes across the organization: invitations, role changes, member removal, user deactivation and reactivation, password resets, and role or guardrail creation, updates, and deletion. Each entry shows the action, who performed it, the target, and the timestamp.

***

## Managing Members

In **Settings -> Membership**, admins can:

* **Change roles** via the dropdown next to any member
* **Deactivate a user**: they are logged out of every session and can no longer sign in, but stay in the member list and can be reactivated at any time
* **Remove members** from the organization
* **Search and filter** by name, email, or role
* **Cancel invitations** that haven't been accepted
* **Review invitation requests** submitted by members
* **Track seat usage** and open Plans to add seats when needed

| Status  | Meaning                              |
| ------- | ------------------------------------ |
| Active  | Accepted and using the platform      |
| Pending | Invitation sent, awaiting acceptance |
| Expired | Invitation expired after 7 days      |

<Note>
  Removing a member automatically pauses all of their Loops so recurring work does not keep running under an account that has left, and the removal is recorded in the audit log.
</Note>

## Seats

The Membership page shows active member count against available seats. If your workspace is at capacity, admins can open Plans to add seats. Non-admins should ask an admin to add seats or approve invites.

## Access and Sharing

Team membership controls who can use the organization workspace. Access to individual files, folders, integrations, and external systems may still depend on sharing settings, org-wide access, OAuth scopes, API key permissions, and roles in the connected service.

***

<CardGroup cols={2}>
  <Card title="Settings" href="/essentials/settings">
    Configure workspace preferences
  </Card>

  <Card title="Security" href="/essentials/security">
    Data protection and privacy
  </Card>
</CardGroup>
