> ## Documentation Index
> Fetch the complete documentation index at: https://docs.holace.io/llms.txt
> Use this file to discover all available pages before exploring further.
# Users & Roles
> Add teammates, assign roles, deactivate accounts, and trigger password resets.
The Users & Roles page is where firm admins manage who can sign into HoLaCe and what they can do once they're in. It lives at **Admin → Users**.
\[Screenshot: Users list showing name, email, role, last sign-in, and active status columns]
## Adding a user
1. Click **Add User** in the top-right of the Users list.
2. Enter the new teammate's full name and work email.
3. Choose a role (see the role table below).
4. Optionally assign them to a team or pod if your firm uses team-scoped views.
5. Click **Send Invite**.
HoLaCe emails the new user a magic-link sign-in. They click the link, set a password if they want one (magic-link works on its own), and they're in. No license activation, no admin approval step on their end.
Magic-link first-time sign-in is described in [Getting Started → Login](/getting-started/login).
Send the new hire that link if they ask for orientation.
## Roles
| Role | Typical user | What they can do |
| ------------------ | -------------------------------- | -------------------------------------------------------------------------------------------------- |
| `FIRM_ADMIN` | Managing partner, COO, ops lead | Everything attorneys can do, plus the entire admin portal (users, billing, branding, integrations) |
| `ATTORNEY` | Lawyers handling cases | Full case-management surface — pipeline, journeys, demand letters, settlements |
| `PARALEGAL` | Paralegals, case managers | Most of what attorneys see, with some sign-off actions reserved for attorneys |
| `SERVICE_PROVIDER` | External investigation companies | Their own portal — only sees jobs assigned to them |
| `CONTRACTOR` | Field investigators, freelancers | A simplified contractor portal for the assignments they own |
`SUPER_ADMIN` is reserved for HoLaCe staff and is not assignable from the firm admin UI.
\[Screenshot: Add User modal with role dropdown expanded]
## Editing a user
Click any row to open the user detail panel. From there you can:
* Change the user's role (effective immediately on their next request).
* Update name, email, phone.
* Assign or change avatar.
* Toggle email notification opt-ins on their behalf.
* Enable or disable the **2FA required** flag.
Email changes invalidate any pending magic-link tokens and require the user to reverify the new address.
## Triggering a password reset
If a user is locked out or has forgotten their password:
1. Open their detail panel from the Users list.
2. Click **Send Password Reset**.
3. They receive an email with a one-time reset link.
The link is valid for 24 hours. You can re-trigger it as often as needed; each new link invalidates the previous one.
## Deactivating a user
When a teammate leaves the firm, **deactivate** them rather than deleting:
1. Open their detail panel.
2. Click **Deactivate User**.
3. Confirm.
A deactivated user immediately loses sign-in. Their historical work (assignments, comments, document uploads, settled cases) is preserved untouched — billing, audit, and journey history all stay intact. You can reactivate later if they return.
Don't delete users. Deletion would orphan years of activity records.
Deactivation is the correct action in 99% of cases.
## Bulk invite
Need to onboard 10 teammates at once? Click **Bulk Invite** above the user list, paste a list of `name,email,role` rows, and HoLaCe sends individual magic-link emails to each. Useful for firm-wide migrations.
Tightening security across the firm? See [Settings → Integrations](/admin-cross-cutting/settings/integrations)
for SSO and 2FA enforcement options.