Skip to main content
Workspaces Team roles

Owner. Manager. Member. Three roles, no overlap.

Workspace roles separate billing power from operational power from execution. People only see what they're meant to act on — and the audit log proves it.

O

Owner

Owns the workspace. The buck stops here.

Owners control billing, transfer ownership, suspend the workspace, and grant any other role. Every workspace has at least one Owner. Larger orgs have two for continuity.

  • Manage billing, plan, and payment method
  • Add or remove any member, including other Owners
  • Transfer ownership of the workspace
  • Suspend, archive, or delete the workspace
  • Configure workspace-level security (2FA, IP allowlist)
  • Audit log access — full history
  • All Manager and Member capabilities
M

Manager

Operational lead. Runs the day-to-day.

Managers configure apps, automations, and channels. They invite Members and set per-app permissions. They cannot touch billing or transfer the workspace.

  • Create, configure, and archive apps
  • Edit AI agents, KBs, channels, plugins
  • Build and publish automations
  • Invite Members and assign per-app access
  • View all reports and analytics
  • Connect and disconnect integrations
  • All Member capabilities
M

Member

Execution-level. Handles the work.

Members are the people doing the work — handling conversations, escalating, marking resolutions. They see what they're assigned, not what they're not.

  • Handle assigned conversations across channels
  • Triage, escalate, and tag inbox items
  • View reports for apps they're assigned to
  • Edit their own profile and notification preferences
  • Comment on customer records and tasks
  • Cannot edit agent config or automations
  • Cannot invite or remove team members
Role × module access

What each role can actually do.

The full access matrix. Full = read + write + delete. View = read only. None = no surface at all.

Billing & plan

Owner

Full

Manager

View

Member

None

Members & invitations

Owner

Full

Manager

Invite-only

Member

View self

Apps — create & archive

Owner

Full

Manager

Full

Member

None

AI agent config

Owner

Full

Manager

Full

Member

View

Knowledge base — edit

Owner

Full

Manager

Full

Member

View

Channels — connect

Owner

Full

Manager

Full

Member

None

Automations — publish

Owner

Full

Manager

Full

Member

View

Plugins & integrations

Owner

Full

Manager

Full

Member

View

Inbox — handle conversations

Owner

Full

Manager

Full

Member

Assigned

Reports & analytics

Owner

Full

Manager

Full

Member

Assigned

Audit log

Owner

Full

Manager

View

Member

None

Workspace security (2FA, IP)

Owner

Full

Manager

View

Member

None

Transfer ownership

Owner

Full

Manager

None

Member

None
Why three roles

Operational separation, not org-chart theater.

Two-role systems collapse under real teams. An admin role that bundles billing with bot config means your finance lead can suddenly retrain a customer-facing AI. Three roles let you delegate operations without exposing the company credit card.

Five-plus-role systems collapse under reality. They generate matrix sprawl, RBAC bugs, and an inevitable "just make me a super-admin" Slack message at 11pm. We picked the smallest set that survives a multi-app organization.

Per-app permissions live one level down. A Manager can be a Manager of every app, or just one. A Member can be assigned to any subset of apps. That's where granularity belongs — not at the workspace tier.

1

Owner

Owns the company on Omazy

2

Manager

Owns the operations

3

Member

Owns the work

Set roles that match your team.

Spin up a workspace, invite teammates, assign roles in under five minutes.

Create your Workspace See the workspace model

✓ Free during early access✓ Unlimited members✓ Audit log included