Team Management
Invite and manage team members in your organization.
Overview
The Team Management section allows you to:
- Invite new team members to your organization
- Manage team member roles (Member or Admin)
- View team members and their status
- Remove team members from your organization
warning
Team Management is only accessible to admin users. Non-admin users cannot invite team members or manage roles.
Accessing Team Management
- Log in to your RepoRisk account at https://app.canirunthat.com
- Click Settings in the main navigation menu
- You'll see the Team Members card at the top of the Settings page (admin users only)
Viewing Team Members
On the Team Members card in Settings, you'll see a table of all current team members in your organization:
| Column | Description |
|---|---|
| The team member's email address | |
| Name | The team member's full name |
| Role | The member's role: Member or Admin |
| Status | Active (member has accepted) or Pending (invitation sent) |
| Added | Date the team member was invited or joined |
| Last Login | When the team member last logged in (or "Never") |
| Actions | Remove the team member from your organization |
Available Roles
RepoRisk supports two team member roles:
Member
Permissions:
- View all scans and reports
- Submit repositories for analysis
- Schedule scans on repositories
- Cannot manage team members
- Cannot access Settings page
Admin
Permissions:
- Full access to all scans and reports
- Submit repositories for analysis
- Schedule scans
- Manage team members (invite, change roles, remove)
- Access Settings page (team members, API keys, branding)
Inviting Team Members
To invite a new team member to your organization:
Step 1: Open the Invite Form
- On the Team Members card in Settings, look for the invite form at the top (above the team members table)
- You'll see fields for Email, Role, and an Invite button
Step 2: Enter Team Member Details
- Email Address — Enter the email address of the person you want to invite
- The email can be a work email, personal email, or any valid email address
- The invited person will receive an invitation email
- Role — Select the role for this team member:
- Member — Can view scans, submit repos, schedule scans (no Settings access)
- Admin — Full access including Settings and team management
Step 3: Send the Invitation
- Click the Invite button
- An invitation email will be sent to the provided email address
- The invited person will have a link in the email to accept the invitation and join your organization
- The new member will appear in your Team Members list with a "Pending" status until they accept the invitation
info
Pending invitations remain active. The invited person can accept the invitation at any time.
Managing Team Member Roles
To change a team member's role:
Step 1: Locate the Member
- On the Team Members table in Settings, locate the team member whose role you want to change
- Look for the Role column which shows a dropdown select
Step 2: Select New Role
- Click the role dropdown for the team member
- Select the new role:
- Member — Can view scans, submit repos, schedule scans (no Settings access)
- Admin — Full access including Settings and team management
- The role will update immediately after you select it
The team member's role will be updated instantly. If they're currently logged in, they may see permissions changes after refreshing the page.
note
Pending (invited) team members cannot have their role changed from the table. You must resend their invitation with a different role or remove and re-invite them.
Removing Team Members
To remove a team member from your organization:
Step 1: Open Member Options
- On the Team Members table in Settings, locate the team member you want to remove
- Look for the trash icon button in the rightmost column
Step 2: Confirm Removal
- Click the trash/remove button
- A confirmation dialog will appear asking you to confirm the removal
- The dialog will note that the member will lose access to all organization scans and reports
- Click Remove Member or Delete to confirm
The member will immediately lose access to your organization's RepoRisk account.
caution
Removing a team member is permanent. Their access will be revoked immediately. You can re-invite them later if needed.
Team Member Permissions Reference
This table summarizes the permissions available for each role:
| Permission | Member | Admin |
|---|---|---|
| View scans and reports | Yes | Yes |
| Submit repositories | Yes | Yes |
| Schedule scans | Yes | Yes |
| Re-scan repositories | Yes | Yes |
| Invite team members | No | Yes |
| Manage team member roles | No | Yes |
| Remove team members | No | Yes |
| Access Settings page | No | Yes |
| Modify branding | No | Yes |
| Configure API keys | No | Yes |
Best Practices
Security
- Only grant Admin role to trusted team members who need Settings access
- Use Member role for most team members (default)
- Regularly review team members and remove inactive or departed team members
- Designate at least 2 admins for organizational redundancy
Organization Management
- Assign admin role only to team leads or administrators
- Limit the number of admins to reduce risk of accidental changes
- Document your organization's team structure and member roles
- Periodically review role assignments to ensure they match current responsibilities
Best Practices for Admin Users
- Only modify Settings when necessary
- Communicate security policy changes to team members
- Rotate admin responsibilities periodically for security
- Remove team member access promptly when they leave the organization
Troubleshooting
Invitation Not Received
If a team member doesn't receive an invitation email:
- Check their spam or junk folder for the invitation
- Verify the email address was entered correctly
- Ask them to check their mail system for any filters or rules
- Use the invite form again to resend the invitation
- Contact Support if the issue persists
Team Member Can't Log In
If a team member has accepted their invitation but can't log in:
- Verify their email address is correct
- Confirm they have the correct login URL (https://app.canirunthat.com)
- Check that their account status is Active (not Pending) in the Team Members table
- Ensure they're using a supported login method: email OTP, Sign in with Google, or Sign in with Microsoft
- Contact Support for further assistance
Role Changes Not Visible
If a team member doesn't see permission changes after a role change:
- They may need to log out and log back in to see the changes
- Ask them to refresh the page after logging back in
- Clear their browser cache if the role change doesn't appear
- Contact Support if issues persist
Cannot Invite Team Members
If you can't invite team members:
- You must be an Admin user to invite team members
- Contact your organization administrator to request admin access
- Verify the email address you're trying to invite is valid
- Check that the email hasn't already been invited or added
Next Steps
- Configure Organization Settings — Review Settings for additional team and security configurations
- View Scans — Manage and monitor team scans in Scan History
- Learn About Roles — Review the role definitions above for information about specific permissions