TofuPilotTofuPilot
Access

Managing Members

Last updated on May 21, 2026

Each member holds an access role and optionally belongs to one or more teams. Member management requires Admin or Owner, and every action below lives under Settings > Members.

Invite a member

To bring someone into your organization, you send them an email invitation from the dashboard.

Open Settings > Members.

Enter the email, pick a role, and optionally select teams.

The invitee appears in Pending marked Invited. They get an email with a sign-up link, and the link expires after seven days.

If the invitee already has a TofuPilot account in another organization, the invitation links the existing account on accept.

Accept an invitation

When you receive an invitation, you click the link in the email to join. If you have a TofuPilot account, the link adds you to the new organization on sign-in. Otherwise you complete sign-up, and the organization assignment happens once your email is verified.

Change a role

Roles update instantly, so you can promote or demote a member without asking them to sign out.

Find the member row.

Click the actions menu and select Change role.

Pick the new role and confirm. The role updates instantly, with no sign-out required.

You cannot change your own role, so another Admin or Owner has to do it.

Manage team assignments

Teams scope which Stations and Runs a member can see, and a member can belong to any number of teams.

Find the member row.

Click the actions menu and select Manage teams.

Check and uncheck teams, then save.

Owners, Admins, and Developers see all data regardless of team, while Viewers and Operators are team-scoped.

Ban a member

Banning blocks sign-in without deleting data, so runs, Procedures, and Units the user created stay accessible.

Find the member row.

Click the actions menu and select Ban. You can provide an optional reason.

Active sessions end immediately and sign-in is rejected.

To restore access, find the user and select Unban.

Impersonate a member

Owners and Admins can impersonate other members for troubleshooting, and every impersonation session is logged with the impersonator's identity.

Find the member row.

Click the actions menu and select Impersonate.

The dashboard reloads under the impersonated identity, and a banner stays at the top of every page.

Click End impersonation to return to your account.

Impersonation cannot perform billing actions, change SSO config, or delete the organization, even if the impersonated user has those permissions.

Remove a member

Removing revokes access permanently. Data stays in the organization, but the account disconnects.

Find the member row.

Click the actions menu and select Remove.

Confirm. Sessions end and access is lost immediately.

Owners cannot be removed directly, so you have to transfer ownership first under Settings > Organization.

Access roles

What each role can do.

Teams

Scope data visibility.

How is this guide?

Access

Learn how to manage who can sign in to your TofuPilot organization, what they can do, and how they authenticate across users, teams, and stations.

Access Roles

Learn how the five TofuPilot access roles control what every member can read and write, and how teams layer on top to scope visibility.

On this page

Invite a memberAccept an invitationChange a roleManage team assignmentsBan a memberImpersonate a memberRemove a member