Roles
Novacula has three organization roles:| Role | What it can do |
|---|---|
| Member | Read-only. View executors, nodes, metrics, logs, and their own audit activity (the full organization audit log is owner/admin only). |
| Admin | Everything a member can, plus deploy, update, and delete nodes; connect and remove executors; request upgrades; manage labels; invite members; manage other members. |
| Owner | Full control, including assigning admins. Each person can own only one organization. |
Invite a member
On Members, select Invite member, then:- Enter the invitee’s Email.
- Choose a Role. Owners can invite an Admin or a Member; admins can invite a Member only. Owner can’t be assigned by invitation.
- Select Send invitation.
Manage pending invitations
Invitations that haven’t been accepted appear under Pending invitations with a Pending or Expired status. From the row’s actions menu (owners and admins):- Copy link — copy the accept link to share directly.
- Resend email — send the invitation email again.
- Cancel — revoke the invitation so the link no longer works.
Change a member’s role
Open a member’s row to go to their profile, then use the Organization access card to pick a new Organization role and select Save access.- Owners can promote a member to admin and demote an admin to member.
- Admins can manage members, but can’t promote anyone to admin or change another admin or the owner.
- Members can’t change roles.
Block or remove a member
On a member’s profile, the Account access card lets you Block member. Blocking restricts the person’s access to this organization — it signs out their active sessions immediately and prevents them from signing back in to it. You can record an optional reason. Owners can block any non-owner; admins can block members. A blocked person still appears in the roster with a Blocked badge. To bring them back, select Restore on their row (or Restore member on their profile) — they rejoin with their previous role. Restoring does not recreate their old sessions. Owners can also Remove a non-owner member from the profile header.What happens when a member loses access
- Their sessions for this organization end within seconds.
- API keys stay valid — they belong to the organization, not to the person who created them. Rotate any keys a departing member generated; see API keys.
- Their entries in the audit log remain for the record.