How to manage and update user permissions in Revenuehero for secure collaboration

If you’re responsible for keeping your company’s sales or marketing data safe—but still need your team to get things done—figuring out user permissions can feel like herding cats. This guide is for admins, ops folks, and anyone who’s ever hesitated before clicking “Invite user” in a tool. Here’s how to manage and update user permissions in Revenuehero so you can strike that balance between security and just getting on with work.

Why Permissions Matter (and Where It’s Easy to Screw Up)

Letting everyone have full access sounds easier, but it’s a great way to end up with accidental data leaks or people deleting things they shouldn’t. On the other hand, locking everything down until nothing gets done isn’t much better. In Revenuehero, permissions aren’t just a checkbox—they’re the gatekeepers for your customer meeting links, routing rules, and all that juicy pipeline data. Get it wrong, and you’ll either frustrate your team or give away the keys to the kingdom.

What tends to go wrong: - New hires get “temporary” admin access that never gets revoked. - No one remembers who has what role. - Team members can see or edit more than they should. - Offboarding gets skipped, and ex-staff still have logins.

If you’ve ever had that panicked “Wait, who can see this?” moment, you’re in the right place.

1. Get to Know Revenuehero’s Permission Model

Before you start clicking around, you’ll want to know what the options actually mean. Revenuehero uses a role-based access control system. That’s just a fancy way of saying users are put into buckets (roles), and those buckets come with certain powers.

Main roles you’ll see: - Admin: Full control—can change settings, manage users, see all data. Only give this to people who really need it. - Manager: Can oversee teams, view most data, but can’t change everything. Good for team leads. - Member/User: Basic use—can access their own meetings and calendar, but not much else. - Custom roles: Some plans let you tweak what each role can do. These are handy, but don’t overcomplicate unless you have a real need.

Pro tip: If you’re not sure what a role can do, create a test account and log in as that role. It’s the fastest way to see what’s visible and what’s not.

2. Audit Who Has Access (Don’t Skip This)

You can’t fix what you can’t see. Before making any changes, get a list of everyone with access to your Revenuehero workspace.

How to check: 1. Go to the “Team” or “Users” section in Revenuehero’s admin panel. 2. Export the user list (most tools offer CSV export—if not, copy and paste into a spreadsheet). 3. Review roles, last login dates, and which teams they’re on.

What to look for: - Former employees who still have accounts - People with Admin access who don’t actually need it - Duplicate or generic accounts (things like “SalesTeam” instead of real names)

Fix the obvious stuff first—disable or remove ex-employees, and downgrade anyone who’s got more power than they need.

3. Decide Who Needs What (Based on Reality, Not Job Titles)

It’s tempting to just match permissions to job titles. But in reality, not every manager needs admin rights, and sometimes a junior person needs a specific permission for their workflow.

Questions to ask: - Who really needs to change system-wide settings? - Who just needs to book meetings or see their own calendar? - Does anyone need one-off access for a project? If so, set a reminder to remove it later.

If you’re not sure, err on the side of less access. It’s way easier to grant something later than to deal with a breach.

4. Update Permissions in Revenuehero: Step-by-Step

Here’s how to actually make changes. The specifics might shift with new releases, but the basics should stay the same.

A. Changing Roles for Existing Users

  1. Log in as an Admin.
  2. Go to “Team” or “Users.”
  3. Click on the user you want to edit.
  4. Change their role from the dropdown (Admin, Manager, Member, or your custom roles).
  5. Save.

Heads up: Some changes (like downgrading an Admin) might log that person out or restrict immediate access. Let them know first.

B. Adding New Users (The Right Way)

  1. Hit “Add User” or “Invite User.”
  2. Enter their work email and assign the correct role before sending the invite.
  3. (Optional) Add them to the right team or group, if you use those.
  4. Send invite.

Don’t default everyone to “Member” or “Admin”—pick based on what they’ll actually do from day one.

C. Removing or Disabling Access

  • For someone leaving the company: Remove their account completely. Don’t just downgrade—delete or deactivate.
  • Temporary leaves (like parental or medical): Disable the account so you can re-enable it later.

Always double-check before deleting—Revenuehero may not be able to restore accidentally deleted user data.

5. Use Groups, Teams, or Custom Roles (But Don’t Go Overboard)

If your company is big enough to need more granular control, you can set up groups or custom roles. But keep it simple. More moving parts means more chances for something to break.

When to use custom roles: - Different teams need access to different customer segments or calendars - You want to restrict sensitive features (like integrations) to just a few people

What to avoid: - Dozens of near-identical roles with confusing names - “Temporary” roles that stick around forever

Document what each custom role or group is for. If you can’t explain it in a sentence, it’s probably too complicated.

6. Stay on Top of Changes (Permissions Aren’t “Set and Forget”)

User permissions should be reviewed regularly, not just when someone leaves. Here’s how to keep things tight:

  • Quarterly audits: Set a calendar reminder to review all users and roles. It only takes 10 minutes if you do it regularly.
  • Automate offboarding: Work with IT or HR to make sure user removals happen as soon as someone leaves.
  • Spot-check after org changes: Got a new team? Merged with another department? Permissions probably need updating.

Pro tip: Some tools let you set expiration dates on access. Use them for contractors or temp staff.

7. What to Ignore (and What to Be Skeptical Of)

  • Ignore “one size fits all” advice: Your org isn’t the same as the next. Don’t copy another company’s permission model blindly.
  • Be wary of overcomplicating: The more layers you add, the harder it is to audit and fix mistakes.
  • Don’t rely on memory: Always document who has which role and why, even if it’s just a Google Doc.

Quick Reference: Common Scenarios

  • New sales rep: “Member” role, access to only their own booking calendar.
  • Sales manager: “Manager” role, access to all team calendars and reports.
  • RevOps/IT admin: “Admin” role, but only as needed. Ideally, limit to 1–2 people.
  • Contractor: Custom role with strict, time-limited access.

If you’re not sure which role to use, start with less and bump it up only if they hit an actual wall.

Wrapping Up: Keep It Simple, Review Often

Perfect permission setups don’t exist, but you can get close by keeping things simple, reviewing access every few months, and documenting as you go. The goal isn’t to build a fortress—it’s to make sure the right people can do their jobs without exposing your company to dumb risks. Iterate as your team grows, and don’t be afraid to clean house now and then.

That’s it—get back to work, and don’t let permissions become another “set it and forget it” mess.