Tenant Invites and Roles

Tenant invites grant tenant-level governance roles. They are separate from repo access assignments.

Create invite

In tenant detail, under Create invite:

  1. enter email
  2. choose role (MEMBER, SECURITY_ADMIN, BILLING_ADMIN, OWNER)
  3. create invite
  4. copy token or invite link

The invite link targets /invite/accept and carries tenant_id and invite_token parameters.

Acceptance flow expectations

  • The recipient opens the invite link.
  • If not signed in, they set a password and accept.
  • If signed in as a different email, acceptance can fail until the correct identity is used.

Role assignment strategy

  • Default to MEMBER for normal tenant participation.
  • Reserve OWNER for a small trusted set.
  • Use SECURITY_ADMIN/BILLING_ADMIN for functional admin separation.

Security posture

Invite tokens are sensitive until accepted or revoked.

  • deliver via trusted channels
  • avoid forwarding in broad email threads
  • revoke and recreate if exposure is suspected
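
One way to act on the exposure guidance above, as an added example that is not part of the product or its documentation: scan text such as proxy logs or a pasted email thread for invite links, report each with a token fingerprint so the invite can be revoked and recreated, and redact the token before the text is stored or shared. It assumes tenant_id and invite_token are query-string parameters; the host, token values and function names are constructed for illustration.

```python
import hashlib
import re
from urllib.parse import parse_qs, urlsplit

# Assumption: tenant_id and invite_token are query-string parameters of /invite/accept.
INVITE_URL = re.compile(r"(?:https?://[^\s/\"'<>]+)?/invite/accept\?[^\s\"'<>]+")


def fingerprint(token: str) -> str:
    """Short SHA-256 prefix: correlates sightings without re-exposing the token."""
    return hashlib.sha256(token.encode()).hexdigest()[:12]


def find_exposed_invites(text: str) -> list:
    """Return one finding per invite link that carries an invite_token."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in INVITE_URL.finditer(line):
            query = parse_qs(urlsplit(match.group(0)).query)
            tokens = query.get("invite_token", [])
            if not tokens:
                continue  # a link without a token exposes nothing
            findings.append({
                "line": lineno,
                "tenant_id": query.get("tenant_id", ["?"])[0],
                "token_fp": fingerprint(tokens[0]),
            })
    return findings


def redact(text: str) -> str:
    """Replace every invite_token value so the text can be stored or shared."""
    return re.sub(r"(invite_token=)[^&\s\"'<>]+", r"\1[REDACTED]", text)


# Constructed sample: a forwarded thread and two proxy log lines (not real data).
SAMPLE = """\
Fwd: Fwd: welcome! use https://app.example.test/invite/accept?tenant_id=t-100&invite_token=AAAA1111 to join
GET /invite/accept?invite_token=BBBB2222&tenant_id=t-200 HTTP/1.1 200
GET /invite/accept?tenant_id=t-300 HTTP/1.1 400
"""

if __name__ == "__main__":
    for f in find_exposed_invites(SAMPLE):
        print(f"line {f['line']}: tenant {f['tenant_id']} fp {f['token_fp']} -> revoke and recreate")
    print(redact(SAMPLE))
```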