Workspaces and Access
Hunch supports workspace-based collaboration with role-aware access controls.
What a workspace is
A workspace groups the assets and controls that belong together:
- websites
- sessions
- handoffs
- leads
- analytics
- billing context
- settings and security controls
Each user can belong to one or more workspaces and switch between them from the dashboard.
Roles
Hunch currently supports these workspace roles:
| Role | Typical use |
|---|---|
| Owner | Billing owner and highest control for the workspace |
| Admin | Day-to-day operator with broad management permissions |
| Analyst | Read-heavy role for analytics, reporting, and review |
| Agent | Handoff and operational responder with narrower scope |
Role permissions control access to areas such as:
- websites
- knowledge
- analytics
- handoffs
- leads
- notifications
- settings
- billing
- team management
Inviting teammates
- Go to Team in the dashboard.
- Enter the teammate email.
- Choose a role.
- Send the invite.
The invite recipient can:
- join with an existing Hunch account if the email already exists
- create a new account and join the workspace from the invitation flow
Managing members
From Team, workspace managers can:
- review active members
- change roles
- resend invitations
- revoke pending invitations
- remove workspace members
The workspace owner cannot be removed through the normal member-management path.
Switching workspaces
If your account belongs to multiple workspaces, use the workspace switcher in the dashboard header to move between them.
Hunch updates the active workspace context for:
- navigation visibility
- data queries
- notifications
- permissions
Access-denied behavior
If a user visits a dashboard route they do not have permission to access, Hunch shows a workspace access screen instead of the protected page.
Recommendations
- Give each operator their own account instead of sharing credentials.
- Use narrower roles for analysts and agents when possible.
- Review invitations and member lists regularly.
- Pair access controls with MFA and session policy.
See also: