Managing Members
Invite team members, assign roles, manage pending invitations, and control organization and project-level access in CallMeter.
CallMeter organizations support team collaboration through role-based access control. As your team grows, you can invite members, assign appropriate roles, control which projects they can access, and remove members who no longer need access. This guide covers every aspect of member management.
Organization Membership Model
Every user in CallMeter belongs to at least one organization. Within an organization, each member has:
- An organization-level role -- Defines their base permissions across the entire organization
- Optional project-level role overrides -- Grants different permissions for specific projects
- Project access scope -- Either all projects or only explicitly assigned projects
The organization owner (the person who created the organization) has full control over membership, billing, and settings. Admins can manage members but cannot access billing or delete the organization.
Inviting a Member
Only users with the Admin or Owner role can invite new members.
- Navigate to Settings > Members
- Click Invite Member
- Enter the member's email address
- Select an organization-level role:
- Viewer -- Read-only access to dashboards and results
- Tester -- Can run existing tests and execute probes
- Editor -- Can create, modify, and delete tests, probes, registrars, and media files
- Admin -- Can manage members and organization settings
- Choose project access:
- All Projects -- Access every project in the organization, including future projects
- Specific Projects -- Only the explicitly selected projects are visible
- If you selected specific projects, check the projects to grant access to
- Click Send Invitation
The invited person receives an email with a link to join your organization. If they do not already have a CallMeter account, they will be prompted to create one during the acceptance process.
Invitation link expiration
Invitation links expire after a set period. If the invite expires before acceptance, you can resend it from the Members page.
Invitation Lifecycle
After sending an invitation, it progresses through the following states:
| Status | Description |
|---|---|
| Pending | Invitation sent, awaiting the recipient's response |
| Accepted | The user clicked the link and joined the organization |
| Expired | The invitation timed out without being accepted |
| Revoked | An admin or owner manually cancelled the invitation |
Managing Pending Invitations
From the Members page, you can see all pending invitations alongside active members.
To resend an expired invitation:
- Find the expired invitation in the list
- Click Resend
- A new invitation email is sent with a fresh expiration
To revoke a pending invitation:
- Find the pending invitation
- Click Revoke
- The invitation link becomes invalid immediately
Changing a Member's Role
Admins and Owners can change the role of any member (except the Owner role, which cannot be reassigned through the UI).
- Navigate to Settings > Members
- Find the member in the list
- Click the role dropdown next to their name
- Select the new role
- Click Save
Role changes take effect immediately. The member's permissions are updated the next time they load any page.
Downgrading roles removes capabilities instantly
If you change a member from Editor to Viewer, they immediately lose the ability to create or modify resources. Any unsaved work in progress may be lost. Notify the member before changing their role.
Role Hierarchy
Roles are hierarchical -- each role inherits all permissions from the roles below it:
| Role | Level | Inherits From |
|---|---|---|
| Viewer | 1 | -- (base level) |
| Tester | 2 | Viewer |
| Editor | 3 | Tester |
| Admin | 4 | Editor |
| Owner | 5 | Admin |
This means an Admin can do everything a Viewer, Tester, and Editor can do, plus manage members and settings.
Organization vs. Project-Level Access
CallMeter provides two layers of access control that work together.
Organization-Level Role
The role assigned when inviting a member applies to the entire organization by default. A member with the Editor role at the organization level can create and modify resources in any project they have access to.
Project-Level Role Overrides
You can override a member's organization role for specific projects. This is useful when:
- A member needs read-only access to most projects but editing rights in their team's project
- A senior engineer needs Admin rights in their project but should only be a Viewer elsewhere
- An external consultant should have limited access to one specific project
To set a project-level role override:
- Navigate to Settings > Members
- Click on the member to open their detail view
- Under Project Access, find the specific project
- Select a different role for that project
- Save changes
The project-level role takes precedence over the organization role for that specific project. For all other projects, the organization role applies.
Project Access Scope
Independent of role, each member has a project visibility scope:
| Scope | Behavior |
|---|---|
| All Projects | Member sees every project, including ones created after they joined |
| Specific Projects | Member sees only the projects explicitly assigned to them |
A member with "Specific Projects" access and the Editor role can create and modify resources, but only within their assigned projects. They cannot see or access any other projects.
New projects and access scope
Members with "All Projects" access automatically gain access to new projects when they are created. Members with "Specific Projects" access must be explicitly added to new projects.
Removing a Member
Admins and Owners can remove any member except the Owner.
- Navigate to Settings > Members
- Find the member you want to remove
- Click Remove Member (or the remove icon)
- Confirm the removal
Removal takes effect immediately:
- The member loses access to all projects and data in the organization
- Any API keys created by the member are revoked
- The member can no longer log into the organization
- Their historical activity (test runs, configurations) is retained for audit purposes
Removal is immediate and permanent
Once removed, a member must be re-invited to regain access. There is no "undo" for member removal. Exercise caution, especially when removing members who created resources or API keys used in automated workflows.
Viewing the Member List
The Members page shows all active members and pending invitations:
For each active member:
- Name and email address
- Organization-level role
- Project access scope (All or Specific)
- Date joined
- Last activity
For each pending invitation:
- Email address
- Assigned role
- Invitation status and date sent
Use the search field to filter the list by name or email when your organization has many members.
Best Practices
Start with Least Privilege
Assign the minimum role necessary for each member's responsibilities:
- Viewer for stakeholders who only need to review dashboards and results
- Tester for QA engineers who run pre-configured tests but do not create new ones
- Editor for engineers who design and configure tests, probes, and registrars
- Admin for team leads who need to manage membership
- Owner is reserved for the person responsible for billing and organization lifecycle
Use Project-Level Overrides for Contractors
External consultants or contractors should receive "Specific Projects" access scoped to only the projects they are working on. This limits their visibility and prevents accidental access to sensitive configurations.
Review Membership Regularly
Periodically audit your member list to remove inactive members, revoke unused invitations, and ensure roles still match responsibilities. This reduces your security surface.
Document Role Assignments
For larger organizations, maintain an internal record of who has what role and why. This simplifies onboarding and offboarding.
Next Steps
- Roles and Permissions -- Detailed permission matrix for all roles
- API Authentication -- API keys inherit the creator's permissions