Formael

Team Management

Invite colleagues, manage roles, and control who has access to your Formael organization.

Documentation
9 of 11

Team Management

Formael is built for teams. Every person who needs to configure agents, review execution history, or manage governance policies works within your organization through a named role. This page covers how to invite members, what each role can do, and how to manage access as your team grows.

Roles

Every member of your organization holds exactly one role. Roles determine what a member can see and do in the Formael console.

RoleWho it's forWhat they can do
OwnerOrg founder, primary adminEverything — including billing changes, SSO configuration, and ownership transfer
AdminTeam leads, ops engineersInvite and remove members, manage agents, configure policies and credentials
MemberAgent developers, platform usersSubmit intents through agents, view their own execution history
ViewerAuditors, stakeholdersRead-only access to execution logs, policy lists, and approval queues

Roles are additive — each role includes all the permissions of the roles below it. An Admin can do everything a Member can. A Member can do everything a Viewer can.

Inviting a Member

Only Admins and Owners can invite new members.

  1. Go to Settings → Members
  2. Click Invite Member
  3. Enter the person's email address and choose their role
  4. Click Send Invitation

An email invitation is sent with a link that expires in 7 days. Until they accept, they appear in the member list with an Invited status.

Formael does not limit how many people you can invite to your organization — membership is not seat-based. Platform limits apply to usage: agents registered, connectors configured, and IEC execution volume.

Changing a Member's Role

  1. Go to Settings → Members
  2. Find the member in the table
  3. Open the ⋮ menu next to their name and select Change Role
  4. Pick the new role and confirm

Role change constraints:

  • Admins can change the role of Members and Viewers only
  • Only an Owner can change an Admin's role
  • You cannot change your own role
  • The Owner role cannot be assigned through this flow — see Ownership Transfer below

Removing a Member

  1. Go to Settings → Members
  2. Open the ⋮ menu next to the member
  3. Select Remove Member and confirm the dialog

Removing a member revokes their access immediately. They are signed out of the organization on their next request. Their past activity (execution history, approvals) is preserved in the audit trail.

Removal constraints:

  • Admins can remove Members and Viewers
  • Only an Owner can remove an Admin
  • The last Owner of an organization cannot be removed — transfer ownership first
  • You cannot remove yourself

Ownership Transfer

The Owner role can only move through an explicit transfer. This is a deliberate safety measure — organizations always have exactly one Owner accountable for billing and configuration.

Ownership transfer currently requires contacting [email protected]. A self-serve ownership transfer flow is on the roadmap.

How Members Join Your Organization

Members can join in several ways, depending on your plan and provisioning settings. The How joined column in the member list always shows how each person was added:

ValueMeaning
InvitationJoined via an email invite sent by an Admin or Owner
Domain matchJoined automatically because their email domain is on your allowed list (Pro+)
SSOProvisioned automatically on first login via your identity provider (Enterprise)

See Provisioning Settings for details on controlling how new members join.

Previous

Connectors & Integrations

Next

Provisioning Settings