Skip to main content
Team is Arya’s engine. Correct role and permission configuration avoids confusion and protects sensitive data.

Invitations

1

Settings → Team → + Invite

Email or bulk CSV.
2

Pick role

See next section.
3

Custom message (optional)

For invitation context.
4

Send

Recipient gets email with registration link.

Standard roles

RoleTypical permissions
AdminAll: settings, billing, team, sensitive data
ManagerSee/edit team data, create automations, approve requests
UserManage own records + shared ones, create tasks, use integrations
Read-onlyRead only (external consultants, accountants)
GuestLimited access to a specific project (customer)

Custom roles

For specific cases create custom roles:
1

Team → Roles → + New role

Name, description.
2

Per-module permissions

For each module (CRM, HR, Finance…) set:
  • None: doesn’t see
  • Read only: sees, doesn’t edit
  • Edit own: create/edit only owned records
  • Edit team: also team records
  • Edit all: also others’ records
3

Field-level permissions

For sensitive fields (salary, IBAN) hide or make read-only.
4

Save and assign

Apply new role to existing users.

Teams and hierarchies

1

Create team

Sales, Operations, HR, etc.
2

Assign members

Each user can belong to multiple teams.
3

Team manager

Designate manager. Sees/edits member data.
4

Sub-teams

Teams can have sub-teams (multi-level hierarchy).

Single Sign-On (SSO)

For companies with identity providers (Google Workspace, Microsoft Azure AD, Okta):
1

Settings → Team → SSO

Pick provider.
2

Configure

SAML / OpenID Connect metadata. Arya provides exact instructions.
3

Verify

Test login.
4

Force SSO

Option: disable password login, SSO only (more secure).

Audit log

Every change to team, roles, permissions is logged:
  • Who did what
  • When
  • From which IP
  • What changed (before/after)
Export audit log as CSV for compliance (SOC2, ISO 27001).

User deactivation

1

Team → User → Deactivate

Doesn’t delete, preserves history.
2

Record transfer

Arya asks to whom to reassign user’s deals, tasks, projects.
3

Access revocation

Tokens and sessions invalidated immediately.
4

Reactivation

Always possible from the panel.

User cost

Arya cost is per active user. Deactivated users don’t count. Guest users may have dedicated pricing (see plans).