Team & Roles
Nimbus is built for teams. Access is controlled at two levels — the Business Unit (tenant) and the organization — and every member holds a role that decides what they can do.
Tenant roles #
Within a single Business Unit, a member has one of four roles:
| Role | Can do |
|---|---|
| **Owner** | Everything, including managing the team and removing themselves. |
| **Admin** | Everything operational — connection settings, rules, integrations, team management. |
| **Operator** | Run reruns and manage day-to-day monitoring; cannot change connection or team settings. |
| **Viewer** | Read-only access to events, monitoring, and data. |
Pick the least-privileged role that lets someone do their job. Most people running campaigns are operators; stakeholders who only need visibility are viewers.
Inviting people to a Business Unit #
From Settings → Team & roles, an admin or owner can:
- Invite a member — enter an email and choose a role. Nimbus creates an invite token that is valid for 7 days and emails it.
- Change a role — pick a new role from the member's row.
- Edit a profile — update display name, email, or timezone; changes sync to the identity provider.
- Remove a member — revoke their access. If the person has no remaining access to any Business Unit, their login is removed entirely.
Pending invites are listed until they are accepted or cancelled.
Accepting an invite #
The invite email links to an acceptance page. If the recipient does not yet have a Nimbus login, they are taken to sign up with their email pre-filled; once signed in, accepting the invite grants the role from the invite.
Organization-level access #
Instead of inviting people to each Business Unit one at a time, you can grant an entire organization access to a Business Unit. Every member of that organization then reaches the Business Unit with a role you choose. This is how agencies operate — see Organizations.
Scoped access #
Within an organization, a member can be scoped to specific Business Units. A scoped member only sees the tenants they are assigned, even though the organization as a whole has access to more. Use scoping to keep a contractor or a junior operator focused on the accounts they own.
Direct vs. organization access #
A person can reach a Business Unit two ways:
- Direct access — they were invited to that Business Unit specifically.
- Organization access — their organization has access, and they inherit it.
The Team & roles screen shows both, so it is always clear *why* someone can see a Business Unit.