smspostam

Team & Permissions

Operational governance, not just admin.

Who dispatches a campaign, who tops up the wallet, who can change the rules — each one deliberate, each one logged. Built so the right people can move quickly, and the rest can't accidentally send the wrong thing.

Team

3 members · 6 roles available
  • AO

    Ada Okeke

    ada@example.ng

    Owner

    Since 12 Apr

  • EN

    Emeka Nwosu

    emeka@example.ng

    Campaign Manager

    Since 14 Apr

  • IB

    Ifeoma Bello

    ifeoma@example.ng

    Finance

    Invited

Roles

Six roles out of the box.

Covers the common splits between operations, finance, campaign work, and read-only reporting. Custom roles with your own permission mix land in a later release.

Owner

Full control. Exactly one per workspace. Only they can close the workspace or change ownership.

Admin

Full operational control. Can invite and remove teammates. Can't close the workspace.

Campaign Manager

Create and dispatch campaigns. Manage contacts, sender IDs, and unsubscribes.

Finance

Top up the wallet, view invoices, read reports. No campaign dispatch access.

Support

Read-only access to contacts, campaigns, and delivery reports. Can manage unsubscribes.

Analyst

Read + export for reports and contacts. Useful for reporting pipelines and reconciliation.

Who should be allowed to do what

The four splits most teams land on.

You can build your own mix from the permission keys below, but the common pattern is a simple four-way split between finance, campaign work, support read-access, and ownership.

Finance

Can

Fund the wallet and download invoices.

Cannot

Can't draft or dispatch campaigns.

Campaign managers

Can

Draft, preflight and dispatch campaigns; manage contacts and sender IDs.

Cannot

Can't top up the wallet or change team access.

Support

Can

Read delivery reports, investigate recipient outcomes, manage unsubscribes.

Cannot

Can't create or dispatch campaigns, can't see the wallet.

Owners

Can

Everything above, plus change access, edit policies, close the workspace.

Cannot

Only one per workspace — transferred deliberately, not by accident.

Permission keys

Access is precise, not inferred.

Roles map to permission keys used on both the server and the UI. A few of the important ones:

PermissionGranted to
campaigns.dispatchOwner, Admin, Campaign Manager
wallet.topupOwner, Admin, Finance
senders.manageOwner, Admin, Campaign Manager
team.manageOwner, Admin
audit.readOwner, Admin, Finance
business.deleteOwner only

Audit log

Every sensitive action is recorded.

Invitations, role changes, sender-ID submissions, wallet adjustments, policy acceptances — all logged with actor, timestamp, and request context.

Audit log

workspace_mackham · last 7 days

  • Ada Okeke invited · ifeoma@example.ng · Finance

    Today, 10:21

  • Ada Okeke role changed · emeka@example.ng → Campaign Manager

    Yesterday, 14:08

  • System sender id approved · MACKHAM-ALERT

    2 days ago

  • Ada Okeke policy accepted · Anti-Spam · v1.0

    12 Apr, 09:42

Every sensitive action is recorded with actor, timestamp, and request context.

Bring your team in, deliberately.

Create a workspace, assign roles, and every sensitive action from that point on is traceable. No shared logins, no accidental campaign dispatches.

  • Six built-in roles
  • Granular permission keys
  • Audit log for every change