> For the complete documentation index, see [llms.txt](https://docs.unifize.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.unifize.com/release-notes/january-2026/user-invite-permission.md). # User Invite Permission ### **Introduction** This release focuses on strengthening Unifize’s permission framework by ensuring that only authorized user roles can invite new users into the organization. The update improves the consistency of permission enforcement across metadata and checklist fields inside a record, therefore providing clearer governance, tighter access control, and preventing unintended user invitations. *** ### **What this release covers** * Users without **invite permissions** were previously able to invite new email IDs from within a record via: * The **Owner** field in the record header * The **Participants** field in the record header * The **User field** inside a checklist * A new permission: **Allow inviting users from chatroom fields** has now been introduced and enforced. * This governs inviting users from: * Owner field * Chatroom participants/members fields * Checklist user fields * Only user roles that *explicitly* have this permission enabled can invite new users. *** ### **Before vs After** | **Area** | **Before** | **After** | | --------------------------------- | ------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | | Inviting from Owner field | Users without invite permissions were able to invite new users by entering a new email ID. | Only roles with the new “Allow inviting users from chatroom fields” permission can invite. Others can only select existing users. | | Inviting from Participants field | Unauthorized users could add new participants via email. | Unauthorized users cannot invite; APIs fail and block the invite. | | Inviting via User checklist field | Users could trigger an invite flow by entering a new email. | Only permitted roles can invite from user fields; others can only search/select existing users. | *** ### **Best practices** 1. Assign the **invite permission** only to roles that genuinely require the ability to bring new users into the org. 2. Review role configurations for Admin, Org Member, External, and Read-only users to ensure they align with your organization’s governance policies. ### **Release Limitation** 1. This release improves invite-permission enforcement only for user-invite touchpoints inside a record (Owner field, Participants field, and User checklist fields). All other invite entry points, such as the Contacts page and Admin settings, remain unaffected by this update. 2. Any records where unauthorized users had already added new users remain unchanged. 3. Users who lack invite permissions may still see the option to type an email, but the action will fail via error response. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.unifize.com/release-notes/january-2026/user-invite-permission.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.