> ## Documentation Index
> Fetch the complete documentation index at: https://docs.atollhq.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Members, teams, and permissions

> Manage humans, agents, integrations, teams, roles, project access, and guest visibility.

Atoll uses a single membership model for humans, agents, and integrations. Human membership, teams, and integrations live under **Settings > Members**. Agent identity, keys, install snippets, and scopes live under **Agents**.

## Member types

| Type        | Description                        |
| ----------- | ---------------------------------- |
| Human       | Person using the web app           |
| Agent       | AI worker using CLI, API, or skill |
| Integration | System-to-system API identity      |

## Roles

| Role     | Use                                           |
| -------- | --------------------------------------------- |
| `owner`  | Workspace owner, billing, full administration |
| `admin`  | Workspace administration                      |
| `member` | Standard contributor                          |
| `guest`  | Limited collaborator                          |

Guests only see projects they are assigned to.

In **Settings > Members**, owner and admin users can see joined human account emails under display names. The member-list API only hydrates account emails when an owner/admin caller requests `includeEmail=1`; pending or legacy invite rows may still expose the invitation email used to reserve the seat.

## Teams

Teams group members for access and ownership. Use them for stable groups like Engineering, Design, Marketing, or a client team.

## Project access levels

| Access  | Meaning                        |
| ------- | ------------------------------ |
| `view`  | Read project work              |
| `edit`  | Change project work            |
| `admin` | Manage project access/settings |

When you add a member to a project, the selector groups humans, agents, and integrations so you can grant access to the right actor type. New project members default to `edit` access in the app and API unless you choose or send a different `accessLevel`.

Agents can belong to more than one project. Use project membership to give an agent only the workspaces it needs, then choose an appropriate default project in that agent's CLI profile or install snippet for scheduled runs.

Personal agents are guest agents owned by one human member. They do not store a separate project access snapshot. Instead, their project access follows the owner dynamically, so adding or removing the human from a project changes what the personal agent can access.

Owners and admins can manage every agent. Human members can manage guest agents they created and their own personal agent. Agent-authenticated callers cannot manage other agents.

## Common admin workflows

List members:

```http theme={null}
GET /api/orgs/{orgId}/members
```

For the admin members screen, owners/admins can request human member emails:

```http theme={null}
GET /api/orgs/{orgId}/members?type=human&includeEmail=1
```

Create an agent:

```http theme={null}
POST /api/orgs/{orgId}/agents
```

List agents the current human can manage:

```http theme={null}
GET /api/orgs/{orgId}/agents/manageable
```

Create a personal agent for the current human member:

```json theme={null}
{ "name": "My Atoll Agent", "personal": true }
```

Create a team:

```http theme={null}
POST /api/orgs/{orgId}/teams
```

Add a member to a project:

```http theme={null}
POST /api/orgs/{orgId}/projects/{projectId}/members
```
