Inviting Team Members
Blocx supports multi-user organizations with role-based access control. Invite teammates from Team instead of sharing your login.
Why role-based access matters
Role-based access lets you give engineering, marketing, and finance the exact scope they need without sharing your login or exposing parts of the platform they shouldn't touch.
Sending an invite
- Open Team.
- Click Invite member.
- Enter the teammate's email and pick a role (see below).
- Optionally attach a custom permission set.
- Click Send invite.
The teammate receives an email with a one-time invite link. The link expires after 7 days. They'll accept the invite at /invite/<token>, which lets them set a password (or sign in with Google) before landing in the dashboard.
Built-in roles
| Role | Can do | Cannot do |
|---|---|---|
| Owner | Everything, including billing and deleting the org | — |
| Admin | Manage numbers, domains, brands, campaigns, team, API keys, webhooks | Delete the organization, transfer ownership |
| Member | Send messages, manage campaigns, brands, mailboxes, 2FA templates | Buy numbers, manage team, edit billing |
| Viewer | Read-only access to all resources | Make any change |
Owners cannot be removed by other members. If you need to transfer ownership, the current owner must do it from Team.
Custom permission sets
For granular control, attach a custom permission set to any non-owner member. Permission sets toggle access per resource (messages, campaigns, brands, numbers, messaging_profiles, webhooks, email, mailboxes, twofa, twofa_templates, quotas, team) and per action on that resource.
⚠️ When a new feature ships, new permission keys default to "deny" for existing custom permission sets. Review your custom sets after major releases and grant access where appropriate.
Removing members
From Team, open the actions menu next to a member and choose Remove. They lose dashboard access immediately. API keys they created remain active — they belong to the organization, not the user — so review and rotate them at API Keys if the departure was contentious.
Resending or canceling invites
Pending invites appear at the top of the Team page. Use the actions menu to Resend (issues a new one-time link and emails it) or Cancel (invalidates the link immediately).
Best practices
- Encourage every member to enable two-factor authentication on their own account.
- Use named roles per function rather than per person.
- Review team membership periodically; remove people who have left or changed roles.
- For temporary access (contractors, auditors), use a short-lived API key instead of a dashboard invite if they don't need the UI.