title: "Add Users and Set Roles" order: 13
Invite teammates, grant appropriate access, and protect your account with clear roles and security controls.
Step 1: Invite a user
- Instruction: Go to Team → Invite User, enter the teammate’s email, choose a role, and send the invitation.
- Expected: The teammate receives an invite email and appears on the team list after acceptance.
- Why it matters: Timely invites accelerate onboarding and give colleagues necessary access.
- Troubleshooting: If the invite email is not received, confirm the address and ask them to check spam.
Step 2: Assign roles and permissions
- Instruction: Select a role (Admin, Editor, Viewer) and adjust permissions for funnels, pipelines, and billing as needed.
- Expected: The user’s UI shows only the areas permitted by their role.
- Why it matters: Least privilege reduces accidental edits and data exposure.
- Troubleshooting: If a user lacks needed access, temporarily elevate role or create a custom role.
Step 3: Enable Multi-Factor Authentication (MFA)
- Instruction: Require MFA for admin accounts and encourage MFA for all users in Settings → Security.
- Expected: Admin login requires a second factor at sign-in.
- Why it matters: MFA significantly reduces risk from compromised passwords.
- Troubleshooting: If a user loses access to MFA, use the account recovery flow or contact support.
Step 4: Audit access regularly
- Instruction: Quarterly, review user list and remove stale accounts or adjust roles for staff changes.
- Expected: Only active team members have access and roles match responsibilities.
- Why it matters: Regular audits prevent orphaned accounts and maintain compliance.
- Troubleshooting: Keep an access log and tag accounts with owners to simplify reviews.
What success looks like
- Invited users appear and can perform their assigned tasks.
- Admins have MFA enabled and role-based access is enforced.
- Regular audits reduce the number of inactive or over-privileged accounts.