Roles and permissions

Understand workspace roles.

ClientDeck uses four roles to control what each person can change. The role you assign on invite decides whether a member can edit work or delete records.

Updated May 2026

Owner

The Owner is the person who created the workspace. Ownership is tied to the account itself and cannot be granted or changed from the Team panel.

Owner can edit and delete every record in the workspace.
Owner can invite members and change their roles.
Owner can run the Danger Zone actions in the Security tab.
Owner status is permanent and never appears as an assignable role.

Admin

Admin is the highest invited role. It is for people who should manage most workspace operations alongside the Owner.

Assign Admin to people who need to invite new members and run day-to-day workspace operations.
Admin can create and edit clients, projects, invoices, and other records.
Admin can delete records, since delete actions require Admin or Owner.
Admin can open the Invite Member form from the Team tab.

Editor

Editor is for collaborators who update client work but should not own destructive actions or member management.

Assign Editor to people who create and update day-to-day client work.
Editor can edit clients, projects, invoices, and proposals.
Editor cannot delete records, since deletion is limited to Admin and Owner.
Editor cannot invite or manage team members.

Viewer

Viewer is read-only access for people who need visibility without changing anything.

Assign Viewer to stakeholders who need to see the workspace but not edit it.
Viewer cannot create, edit, or delete records.
Viewer cannot change notification preferences or invite members.
Move a Viewer to Editor or Admin if they later need to make changes.

Notes

An action blocked by your role is either hidden or shows a permission error, so ask an Admin or the Owner to make the change or raise your role.