Skip to main content
Control who has access to your organization and what they can do.

Inviting Members

1

Go to Members

Navigate to Settings > Members in the dashboard sidebar.
2

Click Invite Member

Hit the Invite Member button.
3

Enter their email

Type the email address of the person you want to invite.
4

Select a role

Choose the role that matches what this person needs to do. See the role table below.
5

Send the invitation

They’ll receive an email invitation with a link to join your organization.

Roles

RoleLevelAvailable On
Owner100All plans
Admin80All plans
Security Lead60Pro, Enterprise
Billing Admin60Pro, Enterprise
Member40All plans
Viewer20All plans

What Each Role Can Do

Owner — Everything. Create and delete the organization, transfer ownership, manage billing, assign any role. There is exactly one Owner per organization. Admin — Everything except delete the organization, transfer ownership, and manage billing. Admins handle day-to-day operations: managing members, configuring policies, creating API keys. Security Lead — Security settings, policies, audit log, and fleet management. Cannot manage members or billing. Built for the person responsible for your security posture without giving them team management powers. Billing Admin — Billing and plan management. Read-only access to the audit log. Built for finance teams who need to manage subscriptions without touching security configuration. Member — Create API keys, create policies, triage issues. Cannot manage team members or change settings. The default role for developers who need to use Takumo daily. Viewer — Read-only access to everything. Cannot create, edit, or delete anything. Good for stakeholders who need visibility without the ability to change anything.

Anti-Escalation

You can only assign roles at or below your own level. An Admin (level 80) cannot create another Owner (level 100). A Member (level 40) cannot promote someone to Admin (level 80). This prevents privilege escalation. The only way to create a new Owner is for the current Owner to transfer ownership.

Custom Roles

Custom roles are an Enterprise feature.
Enterprise organizations can create roles with specific permission combinations that don’t map to the built-in roles. Define exactly which scopes a role should have, give it a name, and assign it to members.

Member Limits

PlanMax Members
Free5
Developer5
Pro25
EnterpriseUnlimited
When you hit the member limit for your plan, you’ll need to upgrade before inviting additional members.