Team Members Roles and Permissions

Measure uses Role-Based Access Controls (RBAC) to govern access to resources based on predefined roles and associated permissions. RBAC ensures that users are granted appropriate access to perform their tasks while preventing unauthorized access.

Measure provides the following roles out of the box.

This role provides complete read and write access to all features in Measure. Full Admins can:

• Manage all customers, subscriptions, invoices, and contracts

• Configure products, pricing plans, and the price book

• Set up and manage all integrations (payment providers, CRMs, accounting, email)

• Access analytics, financial reports, and revenue recognition data

• Configure company settings, branding, and notification settings

• Manage users and assign roles

• Configure approval workflows and notification rules

• Manage tax settings and compliance configuration

Full Admin is intended for operations leads, finance managers, or founders who need unrestricted access to configure and manage the entire platform.

This role provides read and write access to customers, pricing, subscriptions, and contracts. Sales Admins can:

• Manage the price book (create, update, and organize products and pricing plans)

• View and manage all contracts across the sales team

• Participate in contract approval workflows as an approver

• Create and manage customers and subscriptions

• Access all deals regardless of ownership

This role does not include access to analytics, financial reporting, or system settings. Sales Admin is ideal for sales managers and operations leads who oversee the sales team's deals and maintain pricing consistency.

This role provides access scoped to the individual sales representative's own deals and customers. Sales Reps can:

• View and manage customers assigned to them

• Create and track contracts for their deals

• View their own sales commission reports

• Access pricing and product catalog (read-only)

Sales Reps cannot view deals, customers, or commissions belonging to other team members. This role is ideal for individual contributors on the sales team who need visibility into their own pipeline and earnings without access to organization-wide data.

This role provides read and write access to customers, subscriptions, invoices, payments, and contracts. This includes everything needed to manage renewals and resolve billing issues. Customer Support users can:

• View and update customer information

• Manage subscriptions (upgrades, downgrades, cancellations)

• Process refunds and issue credit notes

• View and resend invoices

• Handle contract renewals and amendments

• Access payment history and retry failed payments

This role does not include access to company settings and integrations, analytics and financial reports, product catalog and pricing configuration, or user management. The Customer Support role is ideal for support and customer success teams who need to resolve billing inquiries and manage the customer lifecycle without access to sensitive financial reporting or system configuration.

This role provides read-only access to all features in Measure. Read-Only users can view:

• Customers and customer details

• Subscriptions and subscription history

• Invoices, payments, and payment history

• Contracts and contract status

• Products and pricing catalog

• Analytics and financial reports

• Usage data and billable metrics

Read-Only users cannot create, edit, or delete any records. This role is useful for stakeholders who need visibility into billing operations without the ability to make changes, such as executives, investors, or external auditors.

This role provides read-only access to all features plus write permissions for accounting integrations. Accountants can:

• View all customers, subscriptions, invoices, and payments

• View analytics and financial reports

• Configure and manage accounting integrations (QuickBooks, Xero)

• Trigger manual syncs to accounting platforms

• Map accounts and configure accounting export settings

Accountants cannot modify billing data directly (customers, subscriptions, invoices, pricing). This role is ideal for finance team members who need to manage the flow of data to your accounting system while maintaining separation of duties.

Measure also allows you to define custom roles with granular permissions tailored to your organization's needs. Custom roles are built using permission building blocks:

• Read: View records and data

• Write: Create new records

• Update: Modify existing records

• Delete: Remove records

These permissions can be applied independently to each resource type (customers, subscriptions, invoices, contracts, products, integrations, reports). For example, you could create a role that can read all data, create and update subscriptions, but cannot delete anything or access integrations.

Contact our support team to configure custom roles for your organization.

All actions performed in Measure are internally logged and can be audited by the Full Admin role. The log contains the following details:

{
    "company_id": "company_xyz",
    "created_at": "2023-06-01 00:55:10.09358+00",
    "action": "credit.created",
    "action_performed_by_user_id": "user_xyz",
    "reference_type": "credit",
    "reference_id": "credit_abc",
    "additional_data": "..."
}

All API calls to Measure need to be authenticated with an access token. Review Authentication in the API reference for more details.