Users & Roles
Two layers of access control
- Users — the people who can log into your dashboard
- Roles — what each user is allowed to see and change
A user has one of two built-in roles (Tenant Admin or Tenant User) plus optionally a custom role that grants or restricts specific permissions.
Where this lives
- Top nav → Users — manage user accounts
- Top nav → Roles — manage custom roles (only Tenant Admins see this)
The user list
Columns:
- Name
- Built-in Role (Tenant Admin / Tenant User)
- Custom Role (if assigned)
- Email Verified (badge)
- Associated Extensions
- Created Date
- Last Login
- Actions (Edit, Resend Invite, Delete)
Inviting a new user
Click Invite User. Form:
- Email — they'll receive an invite at this address
- Name — display name
- Role — Tenant Admin or Tenant User
- Custom Role — optional, for fine-grained permissions
- Assigned Extensions — optional, link this user to one or more extensions (so when they log in, they can see "their" voicemail, see their call history, etc.)
Click Send Invite. Invitee gets an email with a link. They click, set a password, log in.
Invites expire after 7 days. Resend Invite generates a new invite if needed.
Built-in roles
| Role | What they can do |
|---|---|
| Tenant Admin | Everything. Manage extensions, DIDs, call flows, voicemail, billing view, users, roles, settings. |
| Tenant User | Default permissions: view own voicemail, view own call history, view directory. Can't change settings or see other users' data. |
A Tenant User with no custom role gets the defaults above. Apply a custom role to grant additional permissions.
Custom roles
A custom role is a reusable set of permissions. Examples:
- Receptionist — view all extensions, see queue stats, manage voicemail boxes (so they can re-record office greetings), no billing
- Manager — view all call history and analytics, manage queue agents (pause/unpause), no billing
- Billing Person — view billing only, nothing else
Creating a custom role
Top nav → Roles → click New Role.
- Name — display name
- Description — what this role is for
- Permission matrix — checkboxes for each (category, action) pair
Permission categories
| Category | What it controls |
|---|---|
| Extensions | Create/edit/delete user extensions |
| Provisioning | Manage desk phones |
| Phone Numbers | View/configure DIDs |
| Call Flows | Build/edit visual call routing |
| Ring Groups | Configure ring groups |
| Call Queues | Configure queues; manage queue agents |
| Voicemail | Manage voicemail boxes |
| Parking Lots | Configure parking |
| Pickup Groups | Configure pickup groups |
| Paging Groups | Configure paging |
| Custom Destinations | Manage external-number shortcuts |
| Feature Codes | Configure star codes |
| Media | Upload/manage audio files |
| Call History | View call records |
| Analytics | View dashboards and reports |
| Users | Manage other users |
| Settings | Tenant-wide configuration |
| Campaigns | Outbound auto-dialer |
| Fax | Send/receive faxes |
Actions
For each category, four possible actions:
- View — see the data
- Create — make new entries
- Edit — modify existing entries
- Delete — remove entries
Tenant Admins effectively have all 4 on every category.
Setting up a role
For a "Receptionist" role:
| Category | View | Create | Edit | Delete |
|---|---|---|---|---|
| Extensions | ✓ | |||
| Voicemail | ✓ | ✓ | ✓ | |
| Call Flows | ✓ | |||
| Ring Groups | ✓ | |||
| Call Queues | ✓ | |||
| Call History | ✓ | |||
| Media | ✓ | ✓ | ✓ | |
| Settings | ||||
| Users | ||||
| Billing |
Save. Now any user assigned this role has exactly these permissions.
Editing a role
Edit the role, change the permission matrix, save. Changes apply immediately to every user with this role.
Deleting a role
Confirm. Users with this role lose the role's permissions but keep their built-in role's defaults. They're not deleted — only the role assignment is removed.
Editing a user
Click the user. Change name, role, custom role, assigned extensions. Save.
Removing a user
Click Delete. Confirm.
The user can no longer log in. Their existing sessions are invalidated within 60 seconds.
Their audit-log entries are preserved (don't lose the trail of who did what).
Email verification
When an invite is accepted, the user's email is automatically verified. If for some reason verification didn't happen (rare), they'll see a "verify your email" page on login. Resend the verification email from their user record.
2FA
Each user can enable 2FA on their own account: Settings → Account → Two-Factor Authentication.
For Tenant Admins, enable 2FA. You're managing a phone system. A compromised admin account = a hijacked phone system.
For Tenant Users, 2FA is recommended but optional.
Common patterns
Onboarding a new employee
- Their manager creates the extension (chapter 4)
- Manager invites the user with role = Tenant User, links them to the extension
- User receives invite email, sets password, logs in
- They can now check their own voicemail, see their call history, see the directory
- If they need broader access (e.g., they're going to be the office "phone person"), assign a custom role like "Receptionist"
Off-boarding a departing employee
- Reset their extension's SIP password (so the phone stops working with cached creds)
- Delete their user account
- Reassign their extension to whoever's taking their job (or delete the extension)
- Update any call flows / ring groups / queues that referenced their extension
Creating a "view-only" account for an external auditor
- Create custom role "Auditor": View on all categories, Create/Edit/Delete on none
- Invite the auditor as a Tenant User
- Assign the Auditor role
- They can see everything but change nothing
Common pitfalls
- Inviting with wrong role — Tenant Admin = full access; can't restrict an admin with a custom role. If you want partial access, invite as Tenant User + custom role.
- Custom role with no permissions checked — user can log in but sees an almost-empty dashboard. Confusing for them. Always grant at least View on the categories they need.
- Forgetting to delete users when employees leave — they can still log in, see data, change settings. Always delete promptly.