Users & Invites
Every person who needs access to your admin panel requires a user account. You invite them by email — they set their own password via a link. There is no need to share credentials.
User roles
Medusa has two roles:
| Role | Access level |
|---|---|
| Admin | Full access to all settings, products, orders, customers, and user management |
| Member | Access to day-to-day operations (orders, products, customers) but cannot manage settings, users, or billing |
Give staff who handle orders and products the Member role. Only give Admin to people who need to change settings, add currencies, or manage other users.
Inviting a new user
Go to Settings → Team and click + Invite user.
Enter the person's email address and select their role. Click Send invite.
They will receive an email with a link valid for 7 days (configurable in Store settings). The link takes them to a page to set a password and activate their account.
If the invite expires before they accept it, resend it from Settings → Team → Invites tab. Expired invites stay visible in the list until you delete or resend them.
Resending an invite
In the Invites tab, find the pending invite and click Resend. A fresh link is sent and the old one becomes invalid.
Removing a user
Go to Settings → Team → Users, find the person, and click Remove. This immediately revokes their access — they cannot log in again.
Removed users' actions (creating products, fulfilling orders, etc.) remain in the audit history. Removing a user does not delete their past activity.
Changing your own profile
Click your avatar in the bottom-left of the admin panel and select Profile. From there you can:
- Update your first and last name
- Change your email address
- Change your password
- Set your language preference