1Club uses role-based access control (RBAC). Each admin user has exactly one role that determines which areas of the admin they can see and what they can do (view, create, edit, delete, or full manage). Roles and their permissions are fixed in the product - you assign a role to a user, but you cannot create custom roles or toggle individual permissions per role.
Overview
Roles are assigned when a user is invited to the organization (Settings → Users) or when you edit a user. The system checks permissions per module (Members, Operations, Billing, and so on) and per action (read, create, update, delete, manage). The Member role has no admin access; members use the member portal and public apps.
Roles
There are five roles. Every admin user has exactly one role.
| Role | Typical use | Access summary |
|---|
| Admin | Owner or main administrator | Full access to every module: members, messaging, operations, staff, billing, marketing, analytics, settings, inventory. |
| Manager | Club or department manager | Full management of members, messaging, operations, staff, marketing, analytics, and inventory. Can read and create billing. No settings access. |
| Front Desk | Receptionist or front-of-house staff | Create and read members; full messaging; create and read operations (bookings, check-ins, schedule); read and create billing (point of sale); read analytics and inventory. No settings access. |
| Instructor | Coach or teacher | Manage their own classes, bookings, and check-ins (operations); read and send messages; view their own profile and notification preferences. No billing, staff, organization settings, or organization analytics. |
| Member | End member | No admin panel access; uses the member portal and public apps. |
You may see the term staff in some screens or reports - that’s a label for any organization user with admin-portal access, not a separate stored role.
Owner
Within the Admin role, an organization can mark one or more users as owner. Owners bypass permission gates and only owners can delete the organization. Owner is a flag on the membership, not a separate role.
Super admin
Super admin is a 1Club platform-level capability used by the 1Club team for support and provisioning. It bypasses organization permission gates and is not something you assign to your own staff.
Role types
Every role carries a role type that describes how broadly it acts. The role type appears as a sub-label under each role in the Role permissions table (Settings → Users → the Role permissions info icon).
| Role type | Roles | Meaning |
|---|
| Organization | Admin | Acts across the whole organization. |
| Club | Manager, Front Desk | Acts within a club. |
| Individual | Instructor, Member | Acts only on their own and associated resources. |
Role type also acts as a guardrail: even where an individual-type role technically holds a matching capability, it is blocked from organization-wide surfaces - billing, organization settings, organization analytics, and staff. This is why an Instructor cannot open organization billing or settings even though they can reach their own profile.
Modules and actions
- Modules: Members, Messaging, Operations, Staff, Billing, Marketing, Analytics, Settings, Inventory. (Website content is managed under the Content module and is no longer a separate permission module.)
- Actions: Read (View), Create, Update (Edit), Delete, Manage (Full), Invite users, Export, Import.
- Manage (Full) on a module means full control - create, read, update, delete, and any module-specific actions - for that area. It implies all the other actions.
Reading the Role permissions table
In Settings → Users, open the Role permissions info icon to see a grid of every role against every module. Each cell shows the highest action that role has for the module:
- Full - full management (manage)
- View - read only
- Create, Edit, Delete - the matching action
- Invite users, Export, Import - where applicable
The column header for each role also shows its role type (Organization, Club, or Individual).
Where to set roles
- Settings → Users - Invite or edit organization users and assign their role. Only users with settings access (Admin) can change roles.