# Inviting team members

**Team invites are planned but not yet available** — there is no invitation, teammate, role, or RBAC code in the platform today. The creditor API key minted at the end of the [onboarding wizard](/for-creditor-partners/creditor-onboarding/creating-your-account.md) is the only credential, and it represents the whole organization rather than a single user.

For now: share the API key with the teammates who need it directly, through your own secret manager (1Password, Vault, etc.). The audit log records actions against the creditor tenant, not against individual users.

## What does exist

| Surface                  | Identity model                                                                           |
| ------------------------ | ---------------------------------------------------------------------------------------- |
| Onboarding wizard        | Short-lived onboarding JWT (24h TTL) issued at signup, valid until the API key is minted |
| Creditor API             | One `ca_{prefix}_{secret}` API key per creditor                                          |
| Admin / operator console | Clerk-authenticated; this is for ai-collect staff, not creditor teammates                |
| Debtor portal            | One-time-passcode + JWT, scoped to a single debtor                                       |

When team invites ship, they will live alongside the API key — not replace it — so existing integrations keep working.

## When you need to rotate access

If someone leaves your business and you're worried they kept a copy of the API key, ask us to rotate it. The admin API (`POST /v1/admin/creditors/{id}/rotate-key`) re-mints a new `ca_*` key and invalidates the old one. There is no self-serve rotation endpoint today — email <support@moderncollections.io> and we'll handle it.

## Single sign-on

SSO is not implemented for creditor users (there are no creditor users today — see above). Clerk-based SSO is used for ai-collect admin staff only.

## What's coming

When the team-invite feature lands, expect the following at minimum, based on the [first-party SaaS model design notes](https://github.com/knollmeyersam-dot/MC-Docs/blob/main/docs/future-ideas/03-first-party-saas-model.md):

* Per-user identity for actions in the dashboard.
* A small set of roles (admin / viewer to start; finer-grained permissions later).
* Per-user audit-log attribution alongside the existing tenant-level events.

If granular RBAC matters for your buy decision, tell your customer success contact — that signal moves it up the priority list.

***

Last reviewed: 2026-05-24 by Customer Success.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.moderncollections.io/for-creditor-partners/creditor-onboarding/inviting-team-members.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.