Features

Members

Members

Global Watch provides comprehensive member management capabilities, allowing you to control access, assign roles, and collaborate effectively across your organization.

Overview

Member management in Global Watch includes:

Team Accounts - Shared workspaces for organizations
Role-Based Access - Granular permission control
Invitations - Invite members via email
Activity Tracking - Monitor member actions
Permission Management - Fine-grained access control

Account Types

Personal Accounts

Every user has a personal account:

Individual workspace
Personal projects and settings
Cannot add other members
Accessed via app.global.watch

Team Accounts

Organizations use team accounts:

Shared workspace for multiple users
Collaborative projects
Role-based permissions
Accessed via {team-slug}.global.watch

Roles and Permissions

Default Roles

Global Watch includes predefined roles:

Role	Description	Hierarchy
Owner	Full control, billing access	1 (highest)
Admin	Manage members and settings	2
Member	Standard access	3

Role Permissions

Each role has specific permissions:

Permission	Owner	Admin	Member
View projects	✅	✅	✅
Create projects	✅	✅	✅
Edit projects	✅	✅	✅
Delete projects	✅	✅	❌
Manage members	✅	✅	❌
Manage roles	✅	✅	❌
Manage billing	✅	❌	❌
Delete account	✅	❌	❌
Transfer ownership	✅	❌	❌

Permission Categories

Permissions are organized into categories:

members.manage - Add, remove, and update members
roles.manage - Assign and modify roles
billing.manage - Access billing and subscriptions
settings.manage - Update account settings
invites.manage - Create and manage invitations

Inviting Members

Sending Invitations

Navigate to your team workspace
Click Members in the sidebar
Click Invite Member
Enter the email address
Select a role for the new member
Click Send Invitation

Invitations expire after 7 days. You can resend or revoke invitations at any time.

Invitation Process

When you invite someone:

They receive an email with an invitation link
They click the link to accept
If they don't have an account, they create one
They're automatically added to your team

Managing Invitations

View and manage pending invitations:

Go to Members → Invitations
See all pending invitations
Actions available:
- Resend - Send the invitation again
- Revoke - Cancel the invitation
- Copy Link - Get the invitation URL

Managing Members

Viewing Members

The members list shows:

Name - Member's display name
Email - Contact email
Role - Assigned role
Status - Active, pending, or inactive
Joined - Date they joined the team

Updating Member Roles

To change a member's role:

Go to Members
Find the member
Click the role dropdown
Select the new role
Confirm the change

You can only assign roles at or below your own hierarchy level. Owners can assign any role.

Removing Members

To remove a member:

Go to Members
Find the member to remove
Click Remove
Confirm the action

What happens when a member is removed:

They lose access to the team workspace
Their personal account remains active
Project data they created is preserved
They can be re-invited later

Ownership

Primary Owner

Each team has one primary owner who:

Has full control over the account
Cannot be removed by other members
Can transfer ownership to another member
Is responsible for billing

Transferring Ownership

To transfer ownership:

Go to Settings → Account
Click Transfer Ownership
Select the new owner
Verify with OTP (one-time password)
Confirm the transfer

Ownership transfer is permanent. The new owner will have full control, including billing access.

Activity Tracking

Member Activity

Monitor what members are doing:

Recent Actions - Latest activities
Login History - Access timestamps
Changes Made - Modifications to data

Audit Logs

For compliance and security:

Go to Settings → Audit Logs
View all account activities
Filter by:
- Member
- Action type
- Date range
Export logs for reporting

Security

Access Control

Global Watch enforces security through:

Row-Level Security (RLS) - Database-level access control
Role Verification - Permission checks on every action
Session Management - Secure authentication

Best Practices

For Owners:

Regularly review member access
Remove inactive members promptly
Use strong passwords
Enable two-factor authentication

For Admins:

Assign minimum necessary permissions
Document role assignments
Monitor member activity
Report suspicious behavior

For Members:

Keep credentials secure
Log out from shared devices
Report access issues promptly

Multi-Factor Authentication

Enabling MFA

For enhanced security:

Go to Profile → Security
Click Enable MFA
Scan the QR code with an authenticator app
Enter the verification code
Save backup codes

MFA Requirements

Admins can require MFA for:

All team members
Specific roles
Sensitive operations

Troubleshooting

Common Issues

Cannot invite members

Verify you have invites.manage permission
Check if you've reached the member limit
Ensure the email address is valid

Member can't access team

Verify they accepted the invitation
Check their role permissions
Ensure the account is active

Cannot change member role

Verify you have roles.manage permission
Check role hierarchy (can't assign higher roles)
Contact the account owner

Invitation not received

Check spam/junk folder
Verify email address is correct
Resend the invitation
Try copying the invitation link directly

Getting Help

If you encounter issues:

Check this documentation
Contact your team owner or admin
Reach out to support

Projects - Project-level member access
Billing - Per-seat pricing
Notifications - Member activity alerts

Assets

Track and monitor forest assets with location data, status tracking, and detailed metadata

Role-Based Access Control

Understanding roles, permissions, and access control in ForestWatch