FirstPromoter gives you full control over what each team member can see and do in your account. Access is managed across three areas — Team Members, Groups, and Roles — all found under the Team Section.
Team Members
The Team Members tab lists everyone with access to your dashboard. The table shows:
User – name and email. A lock shield icon indicates the account is secured by OTP (two-factor authentication) or Google Login.
Role – the member's effective role. Custom roles show a C badge. If the member is in a group, the role shown is the group's role.
Group – the group the member belongs to, if any.
Allowed campaigns—the campaigns the member can see data for.
Member statuses
Status | Meaning |
Pending Invitation | The member hasn't accepted their invite email yet |
Deactivated | The account is suspended — they cannot log in |
Inviting a team member
Click "Invite" in the top-right corner.
Enter the member's email address.
Optionally assign them to a Group — the group's role will be applied automatically.
If no group is selected, choose a Role from the dropdown.
Set Campaigns access — choose specific campaigns or leave as all campaigns.
Click Send.
An invitation email is sent. The member appears with a Pending Invitation badge until they accept.
Editing a team member
Click the Edit action to change their role, group, or campaign access at any time.
Deactivating and reactivating
Deactivating a member prevents them from logging in. Their data is preserved.
To deactivate: select Deactivate from the action menu and confirm.
To reactivate: select Activate from the action menu.
Removing a team member
Select Delete from the action menu. This cannot be undone.
Resending an invitation
If a member hasn't accepted their invite, select Resend invite from their action menu.
Exporting the team list
Click the Download button (top-right) to export all team members as a CSV file.
Filtering and searching
Search by name or email. Use Filters to narrow by Role or Status (Active, Pending, Deactivated).
Groups
Groups let you organise team members and apply a shared role to all of them at once. When a member belongs to a group, the group's role overrides their individual role assignment.
The Groups table shows each group's name, description, assigned role, and member count.
Creating a group
Go to Settings → Team → Groups.
Click Create Group.
Enter a Group Name (e.g. "Marketing Team", "Finance").
Optionally add a Description.
Select a Group Role — only custom roles can be assigned to groups.
Click Create Group.
Groups require a custom role. If you haven't created one yet, go to the Roles tab first.
Assigning a member to a group
When inviting or editing a team member, select the group from the Group dropdown. Their role is automatically set to the group's role and the individual Role field is disabled. The group name appears in the Team column of the team members table.
Changing a group's role
Edit the group and select a different role. The change applies to all members in the group immediately.
Removing a member from a group
Edit the team member and clear the Group field. Their role reverts to their individual assignment.
Deleting a group
Click the Delete icon on the group row. Members in the group are not deleted — they remain active but fall back to their individual role.
Roles
The Roles tab shows two sections: Built-in Roles and Custom Roles.
Built-in roles
There are four pre-built roles. Click the eye icon on any to view its full permission set. These cannot be modified.
Role | Description |
Super Admin | Full access to everything. Intended for account owners. |
Admin Plus | Broad access including destructive actions (delete). Can manage all resources, settings, and integrations. |
Admin | Full resource management. Cannot delete campaigns. Read/update access to settings. Read-only on integrations. |
Manager | Mostly read-only. Can read all main resources. Can create contests. No access to integrations or activity logs. |
Built-in role permission matrix
CRUD = create, read, update, delete.
R = read only.
CRU = create, read, update.
CR = create and read.
A dash (–) = no access.
Resource | Super Admin | Admin Plus | Admin | Manager |
Campaigns | CRUD | CRUD | CRU | R |
Rewards | CRUD | CRUD | CRUD | R |
Contests | CRUD | CRUD | CRUD | CR |
Promoters | CRUD | CRUD | CRUD | R |
Referrals | CRUD | CRUD | CRUD | R |
Commissions | CRUD | CRUD | CRUD | R |
Payouts | CRUD | CRUD | CRUD | R |
Promoter Payout Methods | CRUD | CRUD | CRUD | R |
Assets | CRUD | CRUD | CRUD | R |
Emails | CRUD | CRUD | CRUD | R |
Agreements | CRUD | CRUD | CRUD | R |
Team Members | CRUD | CRUD | CRUD | R |
Roles | CRUD | CRUD | R | R |
Reports | CRUD | R | R | R |
Billing | CRUD | R | R | R |
Settings | CRUD | CRUD | RU | R |
Integrations | CRUD | CRUD | R | – |
Activity Logs | CRUD | R | R | – |
Reports, Billing, and Activity Logs are read-only resources. Even in custom roles, only the Read permission is available for these — create, update, and delete cannot be granted.
Custom roles
Custom roles let you define exactly which permissions a team member has across every resource.
To create a custom role:
Click Create Role on the Roles tab.
Enter a Role Name (e.g. "Finance Manager", "Campaign Reviewer").
Optionally add a Description and pick a Color for the role badge.
Set permissions in the matrix — check each resource and action combination you want to allow.
Click Create Role.
Copy from shortcut: Use the Copy from dropdown to start from any existing role's permissions, then click Apply to load them into the matrix. Adjust as needed. Click Clear to reset back to empty.
Editing a custom role: Click the Edit icon. Changes apply immediately to all members with that role.
Deleting a custom role: Click the Delete icon and confirm. The role must not be assigned to any team members or groups before it can be deleted.
What each permission resource controls
When setting up custom roles, here is what each resource covers:
Resource | What it controls |
Campaigns | Creating and managing affiliate/referral campaigns, their settings, reward structure, and signup pages |
Rewards | Commission rules, reward tiers, and performance bonuses |
Contests | Leaderboard-style competitions for promoters |
Promoters | Affiliate/promoter profiles, referral links, and promo codes |
Referrals | Leads referred by promoters — sign-ups, trial starts, and their status |
Commissions | Sales and conversion events that generate earnings for promoters |
Payouts | Payments issued to promoters |
Promoter Payout Methods | The payout methods (PayPal, bank transfer, etc.) configured by promoters |
Assets | Marketing materials, images, and files shared with promoters via the affiliate portal |
Emails | Email templates and automated notifications sent to promoters |
Agreements | Contract documents that promoters are required to sign |
Team Members | Inviting, editing, deactivating, and removing dashboard users |
Roles | Creating and managing custom permission roles |
Reports | Performance dashboards and analytics (read-only — no write access possible) |
Billing | Your FirstPromoter subscription and billing details (read-only — no write access possible) |
Settings | Account-level and campaign-level settings |
Integrations | Third-party integrations such as Stripe, Paddle, Chargebee, and webhooks |
Activity Logs | Full audit trail of all actions in the account (read-only — Enterprise plan only, must be enabled at account level, visible to Super Admins by default) |
Sub-resources
Some resources are not listed in the permission matrix but are controlled by their parent:
Sub-resource | Controlled by |
Promo codes | Promoters |
Webhooks | Integrations |
Postbacks | Integrations / Promoters |
Products & Prices | Settings |
Invoices | Billing / Payouts |
Custom referral statuses | Referrals |