Only org admins and owners can create accounts. Everything happens in Settings → Team.
Creating someone
Settings → Team → Add user.
You need three things:
Email — their work address. This becomes their login and cannot be changed later. Get it right the first time.
Name — what everyone else sees next to their actions.
Role — what they are allowed to do. See Roles explained before choosing; the role sets the ceiling and changing it later means thinking about it twice.
Then assign venues. A user with no venues assigned sees nothing — the account works, the app is empty. See Venue access.
The invitation
NexReps emails them a link to set their password. The link expires.
If it expires, or if they never see it, resend from their user card in Settings → Team. Tell them to check spam — the first message from a new sender often lands there.
Changing someone later
Open their card in Settings → Team.
You can change their name, their role, their venue access and their permissions. You cannot change their email — create a new account and archive the old one instead.
Removing someone
Archive, do not delete.
Archiving revokes access immediately: their session dies, their password stops working. But their history stays intact — who validated which invoice, who changed which price. Deleting would leave holes in your audit trail.
Archive on the day they leave. Not the week after.
Resetting someone's 2FA
If they lose their phone, you are the only path back. Open their card, reset two-factor authentication, tell them to set it up again on the new device.
Do this only when you are certain who you are talking to. A phone call from an unknown number claiming to be your GM is exactly how this goes wrong.
A rule worth keeping
Give the narrowest role that lets someone do their job, and only the venues they run.
Not because you distrust them. Because an account with less reach is worth less to whoever steals it.
Next
Roles explained — what each role actually opens.
