docsAdminTeam & Access

Team & Access

Manage your team members, roles, and permissions. LawnLedger uses role-based access control (RBAC) to ensure each team member has appropriate access.

Built-in Roles

LawnLedger includes three default roles:

RoleAccess Level
OwnerFull access including billing, organization settings, and member management. Can delete the organization.
AdminFull operational access. Can manage team members but cannot access billing or delete the organization.
MemberStandard access to day-to-day features. Cannot manage team settings or invite new members.

Inviting Team Members

  1. Navigate to Settings > Team
  2. Click Invite Member
  3. Enter the person’s email address
  4. Select their role (Owner, Admin, Member, or a custom role)
  5. Click Send Invitation

The invitee receives an email with a link to accept the invitation and create their account.

Pending invitations are shown in the Team list. You can resend or revoke an invitation at any time before it is accepted.

Custom Roles

Create custom roles for fine-grained access control:

  1. Navigate to Settings > Roles
  2. Click Create Role
  3. Name the role (e.g., “Office Manager”, “Crew Lead”, “Bookkeeper”)
  4. Configure permissions for each feature:
    • Customers — View, Create, Edit, Delete
    • Properties — View, Create, Edit, Delete
    • Jobs — View, Create, Edit, Delete, Assign
    • Estimates — View, Create, Edit, Send
    • Invoices — View, Create, Edit, Send, Record Payments
    • Contracts — View, Create, Edit, Send
    • Equipment — View, Create, Edit
    • Reports — View
    • Settings — View, Manage
  5. Save the role

Managing Members

From the Team tab:

  • Change Role — Click the role dropdown next to a team member to update their role
  • Remove Member — Click the remove button to revoke their access
  • View Activity — See when each member last logged in
⚠️

Removing a team member immediately revokes their access. Their historical activity (jobs completed, invoices created, etc.) remains in the system.

Multi-Factor Authentication

For enhanced security, team members can enable MFA:

  1. Navigate to Account Settings
  2. Enable Two-Factor Authentication
  3. Scan the QR code with an authenticator app
  4. Enter the verification code to complete setup

Audit Log

Track all significant actions taken by team members:

  • Navigate to the audit log to view a chronological list of changes
  • Filter by user, action type, or date range
  • Useful for accountability and troubleshooting
SettingsBilling