Team Management

Understanding Team Roles

WebDecoy uses role-based access control to manage what team members can do within your organization. Each member has one of three roles.

Role Hierarchy

Role	Description	Permissions
Owner	Organization creator with full control	All permissions, including managing other Owners
Admin	Can manage most settings and team	Cannot change Owner roles or remove Owners
Member	View-only access	Can view detections and data, cannot make changes

Permission Matrix

Action	Owner	Admin	Member
View detections and analytics	✓	✓	✓
View team members	✓	✓	✓
Invite new members	✓	✓	✗
Change member roles	✓	✓*	✗
Remove members	✓	✓*	✗
Revoke invitations	✓	✓	✗
Manage domains and decoys	✓	✓	✗
Configure integrations	✓	✓	✗
Manage billing	✓	✗	✗
Delete organization	✓	✗	✗

*Admins cannot modify Owners

Accessing Team Settings

To manage your team:

Click Settings in the sidebar
Select Team

You’ll see the Team Settings page with two main sections:

Team Members: Current organization members
Pending Invitations: Outstanding invites awaiting acceptance

Inviting Team Members

Owners and Admins can invite new members to the organization.

Sending an Invitation

Navigate to Settings → Team
Click the Invite Member button
Enter the invitee’s email address
Select a role for the new member:
- Admin: Full management access (except billing)
- Member: View-only access
Click Send Invitation

What Happens Next

After sending an invitation:

Email is sent to the invitee with a unique invitation link
Invitation appears in your Pending Invitations table
Expiration timer starts (invitations expire after 7 days)
Invitee clicks the link and is taken to the acceptance page

Invitation Details

Each pending invitation shows:

Field	Description
Email	The invited person’s email address
Role	The role they’ll receive upon acceptance
Invited By	Who sent the invitation
Expires	When the invitation will expire
Actions	Option to revoke the invitation

Revoking Invitations

To cancel a pending invitation:

Find the invitation in the Pending Invitations table
Click the revoke button (trash icon)
Confirm the revocation

The invitation link will no longer work after revocation.

Accepting an Invitation

When someone receives an invitation, they’ll get an email with a unique link.

Acceptance Flow

Email Link → Invitation Page → Sign In (if needed) → Accept → Dashboard

For New Users

If the invitee doesn’t have a WebDecoy account:

Click the invitation link in the email
View the invitation details (organization name, role, inviter)
Click Sign In to Accept
Create a new account or sign in with Google/GitHub
After authentication, automatically join the organization

For Existing Users

If the invitee already has a WebDecoy account:

Click the invitation link in the email
If not logged in, sign in first
View the invitation details
Click Accept Invitation to join
Redirect to the organization dashboard

Invitation Page Information

The invitation page displays:

Organization name
Who invited them
The role they’ll receive
Invitation expiration date
Accept and Decline buttons

Managing Existing Members

Viewing Team Members

The Team Members table shows all current organization members:

Column	Description
Name	Member’s display name
Email	Member’s email address
Role	Current role (Owner, Admin, or Member)
Joined	Date they joined the organization
Actions	Available management actions

Changing a Member’s Role

To change someone’s role (Owners and Admins only):

Find the member in the Team Members table
Click the role dropdown next to their name
Select the new role:
- Owner: Full control (use carefully)
- Admin: Management access
- Member: View-only
The change takes effect immediately

Important restrictions:

You cannot change your own role (except Owners)
Admins cannot promote anyone to Owner
Admins cannot demote Owners

Removing a Member

To remove someone from the organization:

Find the member in the Team Members table
Click the remove button (X icon)
Confirm the removal

Important restrictions:

You cannot remove yourself
Admins cannot remove Owners
Removed members lose all access immediately

Best Practices

Role Assignment Guidelines

Scenario	Recommended Role
Company executives or security leads	Owner
IT administrators or DevOps engineers	Admin
Developers who need to view detections	Member
External auditors or contractors	Member
SOC analysts monitoring threats	Member

Security Recommendations

Limit Owner count: Only essential personnel should be Owners
Use Admin sparingly: Give Admin access only when management is needed
Default to Member: Start with Member role and upgrade as needed
Review regularly: Periodically audit team membership
Revoke promptly: Remove access when team members leave the company

Invitation Best Practices

Verify email addresses before sending invitations
Set appropriate roles upfront rather than changing later
Follow up if invitations aren’t accepted within a few days
Revoke expired invitations to keep the pending list clean

Troubleshooting

Common Issues

Issue	Solution
Invitation email not received	Check spam folder; verify email address is correct
Invitation link expired	Revoke old invitation and send a new one
Cannot change someone’s role	You may not have permission (check if they’re an Owner)
Cannot remove a member	You cannot remove Owners as an Admin
Member can’t see detections	Verify they’re viewing the correct property

Getting Help

If you encounter issues with team management:

Check the Troubleshooting guide
Contact support at [email protected]

Next Steps

Now that your team is set up:

Managing Properties - Organize resources across your team
Subscriptions & Billing - Understand plan limits for team size
API Keys - Create keys for team automation