Back to Knowledge Base
Settings & Admin

User Permissions

Control what each team member can see and do in Vitals with role-based access. Keep sensitive data secure while giving everyone what they need.

Permission Levels

Vitals uses four permission levels. Assign each team member the role that matches what they actually need to do — the principle of least privilege keeps your data more secure.

Owner
  • Full access to all settings, data, and reports
  • Billing and subscription management
  • Cannot be removed by other users
  • Only one Owner per organization (transferable)
Admin
  • Full access to all settings and data
  • Invite, edit, and remove team members
  • Cannot access billing or remove the Owner
  • Ideal for executive pastors and operations directors
Editor
  • Enter and edit metric data for any week
  • View all dashboards and reports
  • Cannot change organization settings or manage users
  • Ideal for admins, campus coordinators, data entry staff
Viewer
  • Read-only access to dashboards and reports
  • Cannot enter or edit any data
  • Cannot access settings
  • Ideal for interns, board members, volunteers

Campus-Restricted Access

For multi-site organizations, you can restrict an Editor or Viewer to only see data for their specific campus. A campus-restricted user cannot see data from other locations.

  1. 1Go to Settings → Team.
  2. 2Click the team member you want to restrict.
  3. 3Click Edit.
  4. 4Under Campus Access, deselect "All Campuses" and select the specific campus or campuses.
  5. 5Click Save. Changes take effect immediately.

Campus restrictions apply to Editors and Viewers only. Owners and Admins always have access to all campuses.

A campus-restricted Editor can enter and edit data only for their assigned campus.

Changing Permissions

Admins can update any team member's role at any time. The change takes effect immediately — the user doesn't need to log out and back in.

  1. 1Go to Settings → Team.
  2. 2Click the team member whose role you want to change.
  3. 3Click Edit Role.
  4. 4Select the new role from the dropdown.
  5. 5Click Save.

Only Admins and the Owner can change roles. An Admin cannot promote another user to Owner — only the current Owner can transfer ownership.

Removing Access

When a staff member leaves, remove their access immediately to protect your organization's data. Removed users lose all access instantly.

  1. 1Go to Settings → Team.
  2. 2Click the team member you want to remove.
  3. 3Click Remove.
  4. 4Confirm the removal in the dialog.

Removing a user does not delete any data they entered. Their historical entries remain intact.

The removed user will no longer be able to log in or access any Vitals data.

Security Best Practices

A few simple habits keep your church's financial and attendance data secure.

Audit team members quarterly

Review Settings → Team every quarter. Remove anyone who has left or changed roles. Staff transitions are the most common source of unauthorized access.

Remove access immediately when staff leave

Don't wait for the last day or the end of a notice period. Remove access on their last active day to prevent any unintended data changes.

Use Viewer role for interns and volunteers

Most people only need to see data, not change it. Default to Viewer for anyone who doesn't have a specific reason to edit.

Limit Admin role to staff who need it

Admins can manage all users and settings. This role should be limited to executive staff, not everyone in the office.

Related Articles

Inviting Team Members

Add staff and send invitations to your Vitals account.

Setting Up Your Organization

Configure church details, campuses, and service times.