Team Members and Roles

Last updated March 5, 2026

LegalBanner uses role-based access control (RBAC) to manage who can do what across your organization and clients.

Organization Roles

Every team member has an organization-level role:

| Role | Permissions |
|---|---|
| Owner | Full access. Manages billing, team members, and all settings. Only one owner per org. |
| Admin | Full access except billing and ownership transfer. Can manage all sites, clients, and team members. |
| Editor | Can create and edit sites, banners, policies, and scans. Cannot manage team members or billing. |
| Viewer | Read-only access to all data. Cannot modify anything. |

Client-Level Roles

On the Pro plan, you can invite users with access scoped to a specific client:

| Role | Permissions |
|---|---|
| Client Admin | Full access to the assigned client's sites and settings. Cannot see other clients. |
| Client Viewer | Read-only access to the assigned client's data. |

Client-level users are perfect for giving your agency clients access to their own compliance data without exposing other clients' information.

Inviting Team Members

1. Go to Settings > Team in the sidebar
2. Click Invite Member
3. Enter their email address
4. Select a role (Owner/Admin/Editor/Viewer)
5. Click Send Invite

The invited user receives an email with a magic link. After clicking it, they're added to your organization with the assigned role.

Inviting Client Members

1. Go to the specific Client detail page
2. Click Invite Member
3. Enter their email and select Client Admin or Client Viewer
4. Click Send Invite

Changing Roles

Admins and Owners can change a team member's role at any time from the Team settings page. Click the role dropdown next to the member's name and select a new role.

Removing Members

Click Remove next to a team member to revoke their access. They will immediately lose access to the organization and all its data.

Role Enforcement

Roles are enforced at both the API and UI level:
  • API routes check the user's role before performing any action
  • UI components hide or disable features the user does not have access to
  • Row Level Security in the database ensures data isolation
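
The API-level check described above, sketched as an added example; this is not LegalBanner's code. The action names, the `Membership` type and both function names are hypothetical, and treating any change that involves the Owner role as an ownership transfer is an assumption drawn from the role table.

```python
from dataclasses import dataclass
from typing import Optional

# Action names are hypothetical labels for the permissions in the role tables.
ORG_PERMS = {
    "owner":  {"read", "edit", "manage_team", "manage_billing"},
    "admin":  {"read", "edit", "manage_team"},
    "editor": {"read", "edit"},
    "viewer": {"read"},
}
CLIENT_PERMS = {
    "client_admin":  {"read", "edit"},
    "client_viewer": {"read"},
}


@dataclass(frozen=True)
class Membership:
    org_id: str
    role: str
    client_id: Optional[str] = None  # set only for client-level roles


def is_allowed(member: Optional[Membership], action: str, org_id: str,
               client_id: Optional[str] = None) -> bool:
    """Deny-by-default check an API route would run before acting."""
    if member is None or member.org_id != org_id:
        return False  # removed member, or a different organization
    if member.role in ORG_PERMS:
        return action in ORG_PERMS[member.role]
    if member.role in CLIENT_PERMS:
        # Client-level roles only reach resources of their assigned client.
        if member.client_id is None or client_id != member.client_id:
            return False
        return action in CLIENT_PERMS[member.role]
    return False  # unknown role string


def can_change_role(actor: Membership, target: Membership, new_role: str) -> bool:
    """Role changes need manage_team; anything touching 'owner' is treated
    as an ownership transfer, which this sketch reserves for the owner."""
    if new_role not in ORG_PERMS or actor.org_id != target.org_id:
        return False
    if not is_allowed(actor, "manage_team", target.org_id):
        return False
    if "owner" in (target.role, new_role):
        return actor.role == "owner"
    return True
```

The check runs server-side on every request, so a feature that is hidden in the UI is still refused if the route is called directly.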

Limits

| Plan | Team Members |
|---|---|
| Free | Owner only |
| Starter | Unlimited org members |
| Pro | Unlimited org + client members |