Team Collaboration
Invite team members to collaborate on your KnoxCall tenant with role-based access control.Overview
Team features:- ๐ฅ Invite unlimited team members
- ๐ Role-based permissions (Admin, Developer, Viewer)
- ๐ง Email invitations with secure links
- ๐ Easy member management
- ๐ Audit log tracking of member actions
- Dev teams managing API integrations
- Ops teams monitoring traffic
- Security teams auditing access
Team Roles
Administrator
Full access to everything: โ Can do:- Create/edit/delete routes
- Create/edit/delete secrets
- Create/edit/delete clients
- Manage team members (invite/remove)
- Change tenant settings
- Roll subdomain hash
- View/export all logs
- Configure alerts
- Manage billing
- Delete tenant (requires owner)
- Engineering leads
- DevOps engineers
- Technical founders
Developer
Create and configure resources: โ Can do:- Create/edit/delete routes
- Create/edit/delete secrets
- Create/edit/delete clients
- View logs and analytics
- Test routes
- Configure environments
- Invite/remove team members
- Change tenant settings
- Roll subdomain hash
- Manage billing
- Delete tenant
- Backend developers
- Integration engineers
- QA engineers
Viewer
Read-only access: โ Can do:- View routes (cannot edit)
- View logs and analytics
- View alerts (cannot configure)
- View team members
- Create/edit/delete anything
- View secret values
- Test routes
- Configure settings
- Manage billing
- Product managers
- Customer success
- Junior developers
- External auditors
Inviting Team Members
Step 1: Navigate to Team Page
- Click Settings in sidebar
- Select Team
- See current team members
Step 2: Invite Member
- Click + Invite Member
- Enter email address:
- Select role:
- Click Send Invitation
Step 3: Invitation Sent
Email sent to invited user:Step 4: User Accepts
New user:- Clicks โAccept Invitationโ
- Creates KnoxCall account
- Sets password
- Gains access to tenant
- Clicks โAccept Invitationโ
- Logs in with existing account
- Tenant added to their account
- Can switch between tenants
Managing Team Members
Viewing Team
Team page shows:- Member name and email
- Role (Admin, Developer, Viewer)
- Status (Active, Pending invitation)
- Joined date
- Last active
Changing Member Role
- Navigate to Settings โ Team
- Find team member
- Click Change Role dropdown
- Select new role
- Confirm
Removing Team Member
- Navigate to Settings โ Team
- Find team member
- Click Remove
- Confirm removal
- User loses access to tenant immediately
- Cannot view routes, secrets, logs
- Can no longer make changes
- Audit logs still show their past actions
Resending Invitation
If invitation expired or email lost:- Navigate to Settings โ Team
- Find pending invitation
- Click Resend
- New invitation email sent
Canceling Invitation
Before user accepts:- Navigate to Settings โ Team
- Find pending invitation
- Click Cancel
- Invitation link becomes invalid
Audit Logging
All team member actions are logged: View team member activity:- Navigate to Monitoring โ Audit Logs
- Filter by user email
- See all changes made by that member
- Compliance audits
- Troubleshooting configuration issues
- Security investigations
Best Practices
1. Principle of Least Privilege
Assign minimum necessary role: โ Good:2. Regular Access Reviews
Monthly:- Review team member list
- Remove inactive members
- Verify roles still appropriate
- Check for ex-employees
3. Use Service Accounts for Automation
Donโt share personal accounts for CI/CD: โ Bad: Use john@example.com credentials in CI โ Good: Create API key for CI/CD Team members = humans only4. Document Team Structure
Maintain team roster:5. Onboarding/Offboarding Process
New team member:- Invite to KnoxCall tenant
- Share documentation links
- Walkthrough key routes/secrets
- Add to on-call rotation (if applicable)
- Remove from KnoxCall tenant
- Rotate any shared secrets they had access to
- Review their audit logs (last actions)
- Update on-call rotation
Role Permissions Matrix
| Permission | Admin | Developer | Viewer |
|---|---|---|---|
| View routes | โ | โ | โ |
| Create/edit routes | โ | โ | โ |
| Delete routes | โ | โ | โ |
| View secrets (names only) | โ | โ | โ |
| View secret values | โ | โ | โ |
| Create/edit secrets | โ | โ | โ |
| Create/edit clients | โ | โ | โ |
| View logs | โ | โ | โ |
| Export logs | โ | โ | โ |
| Configure alerts | โ | โ | โ |
| View analytics | โ | โ | โ |
| Test routes | โ | โ | โ |
| Invite team members | โ | โ | โ |
| Remove team members | โ | โ | โ |
| Change roles | โ | โ | โ |
| Edit tenant settings | โ | โ | โ |
| Roll subdomain hash | โ | โ | โ |
| Manage billing | โ | โ | โ |
| Delete tenant | Owner only | โ | โ |
Multiple Tenants
If user belongs to multiple tenants: Switch tenants:- Click tenant dropdown (top-left)
- Select different tenant
- UI updates to that tenant
- Separate team with separate roles
- User may be Admin in one, Viewer in another
- Permissions apply per-tenant
Troubleshooting
Issue: โInvitation not receivedโ
Causes:- Email in spam folder
- Typo in email address
- Email server rejecting
- Check spam folder
- Verify correct email
- Resend invitation
- Try different email provider
Issue: โCanโt remove team memberโ
Causes:- Trying to remove yourself (not allowed)
- Only member (need at least one Admin)
- Have another Admin remove you
- Invite another Admin first
Issue: โPermissions not workingโ
Cause: Browser cache Fix:- Log out
- Clear browser cache
- Log back in
- Permissions refresh
Related Features
- Audit Logs: Track team member actions
- Tenant Management: Overall tenant settings
- API Keys: Alternative authentication (not tied to user)
Next Steps
Audit Logs
Track team activity
Tenant Settings
Configure tenant
Routes
Start configuring routes
Secrets
Manage credentials
Statistics: Level: beginner | Time: 5 minutes | Tags:
team, collaboration, permissions, access-control