User Roles & Permissions

    Manage built-in roles, permission levels, user invitations, and account deactivation.

    Last updated: 05/21/2026

    User Roles & Permissions

    GymPoint uses a role-based access control system to ensure each team member has the right level of access. This guide covers the built-in roles, how permissions work, and how to manage user accounts.

    Built-in Roles

    GymPoint includes three built-in roles, each with a different level of access:

    Owner

    The Owner role has full, unrestricted access to every feature and setting in GymPoint. There is always at least one Owner on an account.

    Owner permissions include:

    • All Admin permissions (see below)
    • Managing billing and subscription for the GymPoint account itself
    • Transferring ownership to another user
    • Deleting the organization

    The Owner role cannot be removed or restricted. It is assigned to the person who initially created the GymPoint account.

    Admin

    Admins have broad access to manage day-to-day operations and configure the platform.

    Admin permissions include:

    • Full access to the member database (create, edit, delete)
    • Full access to billing and payment processing
    • Access to all reports and analytics
    • Managing message templates and workflows
    • Configuring settings (organization, billing, custom fields)
    • Inviting and managing staff users
    • Accessing the member portal configuration

    Admins cannot manage account-level billing (the GymPoint subscription) or transfer ownership.

    Staff

    Staff members have limited access focused on front-line operations.

    Default Staff permissions include:

    • Viewing member profiles (read-only by default)
    • Checking members in at the front desk
    • Sending individual messages to members
    • Viewing the dashboard
    • Processing point-of-sale payments

    Staff members cannot access organization settings, billing configuration, reports, or user management unless explicitly granted additional permissions.

    Permission Levels Per Section

    Permissions are organized by section of the application. For each section, a user can have one of three access levels:

    LevelDescription
    Full AccessView, create, edit, and delete
    View OnlyCan see data but cannot make changes
    No AccessSection is hidden from the user's sidebar

    Sections with configurable permissions:

    • Members (profiles, notes, documents)
    • Billing (payments, invoices, plans)
    • Reports (dashboard, revenue, analytics)
    • Messages (send, templates, workflows)
    • Settings (organization, billing config, custom fields)
    • Classes (schedule, bookings)
    • Front Desk (check-in, kiosk, POS)
    • User Management (invite, edit, deactivate users)

    To customize permissions for a role:

    1. Go to Settings > Roles & Permissions.
    2. Click on the role you want to modify (Admin or Staff).
    3. For each section, select the desired access level from the dropdown.
    4. Click Save.

    Changes take effect immediately for all users assigned to that role. The Owner role cannot be customized.

    Creating and Inviting Users

    To invite a new user to your GymPoint organization:

    1. Go to Settings > Team.
    2. Click Invite User.
    3. Enter the new user's email address.
    4. Select a role (Admin or Staff).
    5. Click Send Invitation.

    The invited user receives an email with a link to set up their account. The invitation expires after 7 days. If it expires, you can resend it from the Team list.

    To change a user's role:

    1. Go to Settings > Team.
    2. Find the user in the list.
    3. Click the role dropdown next to their name.
    4. Select the new role.
    5. Confirm the change.

    Deactivating User Accounts

    When a staff member leaves your gym, deactivate their account to revoke access without deleting their history.

    To deactivate a user:

    1. Go to Settings > Team.
    2. Find the user in the list.
    3. Click the three-dot menu next to their name.
    4. Select Deactivate.
    5. Confirm the action.

    What happens when a user is deactivated:

    • They can no longer log in to GymPoint.
    • Their historical actions (notes, messages, changes) are preserved and attributed to their name.
    • Their user slot is freed up if your plan has user limits.
    • They do not receive any further staff notifications.

    Deactivated users can be reactivated at any time by an Owner or Admin. Go to Settings > Team, filter by "Inactive," find the user, and click Reactivate.

    Tips

    • Follow the principle of least privilege. Give each user only the access they need to do their job.
    • Use the Staff role for front desk employees who only need check-in and basic member lookup capabilities.
    • Review user access quarterly. Remove or deactivate users who no longer work at your gym.
    • Never share login credentials. Each team member should have their own account for accountability and audit purposes.
    rolespermissionsusersstaffadminsecurity
    Previous

    Custom Fields Configuration

    Next

    Integrations & API Keys