Team, roles & permissions

Everyone in Every has exactly one role, and the role decides what they can see and do, from full admin to task-only access. This page covers inviting people, managing them, and building the roles themselves.

Inviting people

From Administration → Team, choose Invite: enter one or more email addresses and pick the role each person receives on acceptance. Invitees get an email link, set up their profile, and then wait briefly while you complete their setup (departments, weekly hours). Pending invitations are listed with Resend and Cancel actions.

If you'd rather open the doors, authentication settings support self-signup restricted to your email domains, with a default role for newcomers.

Managing a team member

Click anyone on the Team page to edit them:

  • Profile: name, email, avatar.
  • Work: timezone, weekly hours (drives their timesheet target and capacity), and Tracks time (whether the timesheet features apply to them at all).
  • Role and departments.

Two special actions live here too:

  • Impersonate signs you in as that person, seeing exactly what they see. Invaluable for "it doesn't work for Sarah" moments; a Stop Impersonating button brings you back.
  • Suspend locks the account immediately (they're signed out on the spot) without deleting anything. Unsuspend restores access.

Departments

Departments group people into teams: Design, Development, Account Management. They give each team its own board (optionally with its own statuses), colour-code tasks, and scope capacity reporting via each department's Tracks capacity setting. People can belong to more than one.

Roles

Administration → Roles is where access control lives. The built-in Admin role is the system role: it always has every permission, can't be deleted, and the workspace always keeps at least one admin.

Beyond that, build custom roles from granular permissions grouped by area:

AreaControls
Agency configurationSettings, labels, statuses, integrations, roles
Team managementInvite, edit, suspend, impersonate
AutomationsManage system automations, view the audit log
Reports & capacityCapacity report, timesheet report, capacity summaries
Clients / Projects / DepartmentsCreate, edit, delete for each
RetainersView, create, edit, delete, renew, edit completed
TasksCreate, edit, delete others' tasks
CommentsModerate others' comments
Time entriesView, edit, delete others' entries

Absences matter as much as grants: no retainer permission means no Retainers section, no financial visibility, and an AI assistant connected to that user's account inherits the same limits. A sensible pattern is three or four roles (say Admin, Account Manager, Team Member) rather than one per person.

Was this page helpful?