Team Management

As a team admin or owner, you manage your organization's members, domains, invitations, and security policies. This guide covers everything you need to run your team workspace.

Team Roles

Each team member has one of these roles, in order of increasing permissions:

MEMBER View & customize ADMIN Manage members ADMIN + BILLING + Billing access OWNER Full control Each role includes all permissions of the roles to its left
Permission Member Admin Billing Owner
View & customize corporate signatures
Manage members & invitations
Manage domains & brand settings
Create & manage corporate signatures
Manage billing & add-ons
Delete organization & transfer ownership

Domain Management

Domains are the email domains associated with your organization (e.g., yourcompany.com). They serve two purposes:

  1. Email validation — Members can only create signatures with email addresses matching your verified domains.
  2. Auto-join — New users who register with a matching corporate email are automatically connected to your team as pending members.

Adding a Domain

1
Go to Team > Settings > Brand tab.
2
In the Domains section, click Add Domain.
3
Enter your domain name (e.g., yourcompany.com).

Verifying a Domain

Before you can send invitations or allow signatures using a domain, it must be verified via DNS:

1
Click the Verify button next to the unverified domain.
2
Copy the TXT record value shown (format: byline-verification=abc123...).
3
Add this as a TXT record in your domain's DNS settings (through your domain registrar or DNS provider).
4
Wait a few minutes for DNS propagation, then click Verify again. Byline checks the record against public DNS resolvers.
i
DNS propagation DNS changes can take anywhere from a few minutes to 48 hours to propagate, though most complete within 5–15 minutes. If verification fails, wait and try again.

Inviting Members

1
Go to Team > Invitations.
2
Enter the email address and select a role for the new member.
3
Click Send Invitation. The invitee receives an email with a link to join.

Invitations expire after 7 days. You can resend or revoke invitations from the Invitations page.

i
Copy invite link You can also copy the invitation link directly and share it via Slack, Teams, or any other channel. The link works the same as the emailed one.

Invitation Statuses

  • Pending — Invitation sent, not yet accepted.
  • Accepted — Invitee has created an account and accepted the invitation.
  • Expired — 7-day window has passed. You can resend to generate a fresh link.

Approving Members

When someone joins your team (via invitation or by registering with a matching corporate email), they start with pending status. Pending members cannot create or customize signatures until approved.

1
Go to Team > Members.
2
Find the pending member (filter by "Pending" status).
3
Click the actions menu (three dots) and select Approve.
i
Invited users are auto-approved Members who join through an invitation link are automatically approved — no manual approval needed. Only members who self-register via a matching corporate email domain need approval.

Managing Roles

Change a member's role from the Members page:

  1. Click the actions menu next to the member.
  2. Select Change Role.
  3. Choose the new role: Member, Admin, Admin + Billing, or Owner.
!
Owner transfer Each team can have only one owner. Promoting someone to Owner automatically transfers ownership from you. Only the current owner can perform this action.

Removing & Restoring Members

To remove a member, click their actions menu and select Remove. Removed members are soft-deleted — they're hidden from the active members list but their data is preserved.

To restore a removed member:

  1. On the Members page, look for the Removed Members section.
  2. Click Restore next to the member you want to bring back.

Security Policies

Team admins can enforce security policies for all members:

Password Policy

Go to Team > Settings > Security to configure:

  • Minimum length — Minimum password length (default: 8).
  • Require uppercase — At least one uppercase letter.
  • Require numbers — At least one digit.
  • Require special characters — At least one special character.
  • Max login attempts — Number of failed attempts before lockout.
  • Lockout duration — How long the account stays locked.

MFA Policy

Require team members to use two-factor authentication:

  • MFA Required — Toggle to enforce MFA for all members.
  • Allowed Methods — Choose which MFA methods are allowed (authenticator app, email, or both).
  • Exemptions — Individual members can be exempted from MFA requirements via the Members page actions menu.

Additional Admin Actions

  • Reset password — Force a member to reset their password on next login.
  • Unlock account — Unlock a member's account after failed login attempts.
  • Set MFA exempt — Exempt a specific member from the MFA policy.
Previous Using Corporate Signatures Next Corporate Signature Design