Summary and recommendation
Brevo user management can be run manually, but complexity usually increases with role models, licensing gates, and offboarding dependencies. This guide gives the exact mechanics and where automation has the biggest impact.
Brevo (formerly Sendinblue) is a marketing automation platform with a three-tier role model: Owner, Manager, and Restricted User.
The Owner holds full administrative control, including billing and user management, and cannot be removed or transferred without contacting Brevo support.
Managers access all features except billing;
Restricted Users receive only the feature-area permissions explicitly toggled on by the Owner.
Multi-user access is unavailable on the Free plan - a paid plan is required to invite any additional team member.
Because Brevo has no native SCIM, every app in your stack that connects to Brevo for team access must be managed through manual dashboard workflows.
Granular permission toggles for Restricted Users are only available on the Business plan and above, and Brevo does not offer custom-named roles beyond the three built-in tiers.
Quick facts
| Admin console path | My Plan & Billing > Users & Permissions (accessible via account avatar/menu in top-right corner) |
| Admin console URL | Official docs |
| SCIM available | No |
| SCIM tier required | Enterprise |
| SSO prerequisite | No |
User types and roles
| Role | Permissions | Cannot do | Plan required | Seat cost | Watch out for |
|---|---|---|---|---|---|
| Owner | Full access to all account features, billing, plan management, and user administration. Can invite, edit, and remove other users. | Cannot be removed or have their role changed by other users; only one Owner per account. | All plans (one Owner always exists) | Included in plan | Ownership cannot be transferred through the standard UI; requires contacting Brevo support. |
| Manager | Access to all features except billing and plan management. Can manage campaigns, contacts, automations, and settings. | Cannot access billing, change plan, or manage other users. | Starter and above (multi-user access requires a paid plan; Free plan is single-user only) | Included in plan seat allowance; additional users may incur cost depending on plan | Exact seat limits per plan tier are not fully documented publicly; verify current limits in account settings. |
| Restricted User | Access limited to specific features or folders as configured by the Owner/Manager. Granular permission toggles available per feature area (e.g., Campaigns, Contacts, Automations, Conversations, Transactional). | Cannot access features or folders not explicitly granted. Cannot manage users or billing. | Business plan and above for granular permission controls; basic multi-user available on Starter | Included in plan seat allowance | Folder-level restrictions for campaigns require features to be set up in folders first; permissions are not retroactively applied to unorganized content. |
Permission model
- Model type: role-based
- Description: Brevo uses a role-based model with three tiers: Owner, Manager, and Restricted User. Restricted Users can have granular feature-level permissions toggled on or off by the Owner. There are no fully custom-named roles; permissions are configured within the Restricted User role via toggles for each product area (Campaigns, Contacts, Automations, Conversations, Transactional email, Landing pages, etc.).
- Custom roles: No
- Custom roles plan: Not documented
- Granularity: Feature-area level (per product module) and folder level for campaigns; not field-level or record-level.
How to add users
- Log in as Owner or Manager with user-management access.
- Click the account avatar or name in the top-right corner.
- Select 'Users & Permissions' from the dropdown menu.
- Click 'Add a new user'.
- Enter the new user's email address.
- Select the role: Manager or Restricted User.
- If Restricted User, configure feature-level permission toggles.
- Click 'Send invitation'.
- The invitee receives an email invitation and must accept to activate their account access.
Required fields: Email address of the invitee, Role selection (Manager or Restricted User)
Watch out for:
- The Free plan does not support multiple users; a paid plan is required to invite additional users.
- Invitations expire if not accepted; a new invitation must be sent if the original expires.
- The invitee must not already have a Brevo account under a different organization for the invitation to work seamlessly.
- Granular permission toggles for Restricted Users are only available on Business plan and above.
| Bulk option | Availability | Notes |
|---|---|---|
| CSV import | No | Not documented |
| Domain whitelisting | No | Automatic domain-based user add |
| IdP provisioning | No | Not documented |
How to remove or deactivate users
- Can delete users: Yes
- Delete/deactivate behavior: The Owner can remove (delete) a user from the account via the Users & Permissions page. Removing a user revokes their access immediately. Brevo's official help documentation describes this as removing the user from the account, not merely deactivating them. There is no documented 'deactivate' (suspend without removal) state distinct from full removal.
- Log in as Owner.
- Navigate to account avatar > 'Users & Permissions'.
- Locate the user to remove.
- Click the options/action menu next to the user.
- Select 'Remove user' or 'Delete'.
- Confirm the removal.
| Data impact | Behavior |
|---|---|
| Owned records | Campaigns, contacts, automations, and other content created by the removed user remain in the account and are accessible to the Owner and other users. |
| Shared content | Shared assets (templates, lists, automations) are retained in the account after user removal. |
| Integrations | API keys and integrations associated with the removed user's actions are not automatically revoked; the Owner should audit and rotate API keys as needed. |
| License freed | Removing a user frees up the seat, making it available for a new invitation within the plan's user limit. |
Watch out for:
- There is no documented way to temporarily suspend a user without fully removing them.
- API keys are account-level in Brevo, not strictly user-level, but access credentials should be reviewed after removing a user.
- Only the Owner can remove users; Managers do not have user-removal permissions.
License and seat management
| Seat type | Includes | Cost |
|---|---|---|
| User seat | Access for one invited user (Manager or Restricted User role) to the Brevo account. The Owner seat is always included. | Included within plan; exact number of included seats varies by plan tier. Additional seats beyond the plan limit may require a plan upgrade. Specific per-seat add-on pricing is not publicly documented. |
- Where to check usage: Account avatar > Users & Permissions - lists all active users and pending invitations.
- How to identify unused seats: Review the Users & Permissions page for users with old 'Last login' dates or pending invitations that have not been accepted. Brevo does not provide an automated inactive-user report.
- Billing notes: Multi-user access is not available on the Free plan. The number of included user seats differs by plan (Starter, Business, Enterprise). Brevo's public pricing page does not list explicit per-seat add-on costs; plan upgrades or contacting sales may be required to add seats beyond the included limit. Annual billing provides approximately 10% discount.
The cost of manual management
Without automation, provisioning and deprovisioning in Brevo requires a manual workflow through the Users & Permissions page for every lifecycle event. There is no native SCIM endpoint, so IdP-driven lifecycle management is not available - each joiner, mover, or leaver must be handled individually in the dashboard.
Brevo does not support temporary suspension; removing a user is permanent and immediate, with no deactivate-then-restore path. Identifying stale access requires manually reviewing last-login dates on the Users & Permissions page, as no automated inactive-user report exists.
Pending invitations do not surface clear expiry timelines, adding a follow-up step to every onboarding workflow.
What IT admins are saying
Community evidence is not specific enough to quote or summarize yet for this app.
The decision
Brevo's permission model is adequate for small marketing teams with straightforward access needs. The Restricted User role's per-module toggles provide meaningful granularity without requiring Enterprise-tier access, provided the Business plan is in place.
For teams where every app in the environment must align to a consistent access lifecycle policy, Brevo's manual-only provisioning creates ongoing operational overhead that compounds with headcount.
The lack of a suspend state and the absence of inactive-user reporting are the two most operationally significant gaps for IT and security teams managing access at scale.
Organizations with compliance-driven access reviews or frequent role changes should factor in the manual effort required for every user lifecycle event before standardizing on Brevo for larger teams.
Bottom line
Brevo covers the basics of team access management through a clean three-role model and feature-level permission toggles, but it requires hands-on administration for every user lifecycle event.
There is no SCIM, no suspend state, and no automated stale-access detection - meaning every app in your environment that relies on Brevo access must be managed through manual dashboard workflows. Teams with low headcount and infrequent role changes will find the model workable;
teams with regular onboarding cycles or compliance-driven access reviews will accumulate meaningful manual overhead over time.
Automate Brevo workflows without one-off scripts
Stitchflow builds and maintains end-to-end IT automation across your SaaS stack, including apps without APIs. Built for exactly how your company works, with human approvals where they matter.
