Skip to main content
Your organization’s members and their roles live under Settings › Members. This page is for owners and admins who manage the team: inviting people, choosing what each can do, and removing or restoring access. Access control is role-based and enforced everywhere in MerchantOps — every action is checked against the acting member’s role, and every member only ever sees their own organization’s data.

Roles

Each member holds one or more roles, and a role is a bundle of permissions. MerchantOps ships four core roles, from most to least privileged:
RoleBroadly can
OwnerEverything, plus organization-level control: manage members and their roles, billing, and API keys.
AdminManage the catalog, pricing, publishing, enrichment, lakehouse, and content settings; invite and view members. Cannot change roles, remove members, or manage billing and API keys.
EditorCreate and edit catalog and pricing data, run enrichment, and prepare batches. Cannot approve, delete, or change organization settings.
ViewerRead-only access across the catalog, pricing, and jobs.
Roles are additive and enforced per action — a member with a role that lacks a permission simply can’t take that action, and the affected controls are hidden or disabled. Approving, deleting, and publishing are gated separately from editing, so you can let someone prepare changes without letting them approve their own work.
Some organizations have additional roles beyond the four core ones (for example a pricing- or catalog-focused role). The role picker shows every role configured for your organization, so assign whichever fits the person’s job.
A few actions are Owner-only: changing another member’s roles, removing a member, managing billing, and creating or revoking API keys. An Admin can invite new members and view the team but cannot change roles or remove anyone.

Invite a member

1

Open Settings › Members

You need permission to invite members (Owner or Admin).
2

Enter their details

Provide the person’s email address, and optionally their name. Choose the role(s) to assign — you can change these later.
3

Send the invitation

MerchantOps emails the person an invitation link. They appear in the members list as pending until they accept and sign in, at which point they become active.
If someone doesn’t receive their invitation, invite them again — re-inviting a pending member resends the email. MerchantOps surfaces the real reason when an invitation can’t be sent, rather than silently failing.

Change a member’s roles

An Owner can update any member’s roles at any time from the members list. The change takes effect on the member’s next authenticated action; there may be a short delay while their session refreshes.

Remove and reactivate members

Removing a member deactivates them: they immediately lose access, but the record is retained so you can restore it later.
1

Remove

An Owner removes a member from the members list. The member is deactivated and can no longer sign in. You cannot remove yourself.
2

Reactivate

A deactivated member can be reactivated from the same list, restoring their previous roles.
If a member was invited but never accepted (their email was never verified), reactivating them isn’t possible — MerchantOps re-invites them instead, using the same single action, so a fresh invitation email goes out.

How access is enforced

MerchantOps is multi-tenant. Authentication and role checks run on every request, and all data is scoped to your organization — there is no way for a member of one organization to read or change another’s catalog, pricing, or settings. Roles govern what a member can do; organization scoping governs whose data they can do it to.

Lakehouse sharing

Control what your organization contributes to shared knowledge.

Content settings

Set the tone and structure of AI-generated content.