Skip to content

Users & Accounts

Every person who interacts with Metrognome has a user account. Accounts are created through multiple paths — self-signup, Google/Apple sign-in, staff invite, or staff creation — but all result in the same user record.

Account Creation

Four paths exist for creating accounts:

  • Self-signup — member registers with email and password. Account is created automatically with approved status.
  • Google/Apple sign-in — member signs in via Google or Apple. Account is created automatically. If name or phone is missing, the member is redirected to complete their profile before they can book anything.
  • Staff invite — staff sends an email invitation. The member clicks the link, sets a password, and their account is created.
  • Staff create-with-setup — staff creates the account directly with the member's name, email, and phone, then sends a setup email. The member clicks the link and sets their password.

All paths result in a user record with approved status set to true by default. Every new user is assigned the USER role automatically.

Blocked Signups

Two scenarios block self-signup:

  • Organization email domain — if the email domain matches an organization, self-signup is blocked. Staff must provision these users.
  • Uninvited legacy tenant — if the email matches a migration invitation that hasn't been sent yet, signup is blocked with a message directing them to the legacy system. Once the invitation is sent, the block lifts. See Migrations.

Profile Requirements

A member must have a complete profile before they can make any reservation or purchase. A complete profile requires:

  • Full legal name — first and last name, each part at least 2 characters
  • Valid phone number — US phone number

These are enforced at booking time, not at account creation. A member can exist with an incomplete profile but cannot book until it's filled in.

Approval

All members are approved by default. When a member is banned (approval revoked), they:

  • Cannot make any purchases or reservations
  • Have all physical access codes immediately revoked across all locations

Only admins can ban members. Staff or admins can restore approval. There is no separate suspension mechanism — approved/banned is the only account block.

Roles

Four roles exist: USER, STAFF, ADMIN, and PARTNER.

USER — the default role for all members. Can book studios, manage their own account, and view their own transactions.

STAFF — can manage users, reservations, and resources. Staff roles can be global (all locations) or scoped to specific locations. A location-scoped staff member can only see and manage data for their assigned locations.

ADMIN — full system access. Admins pass all role checks regardless of scope. Only admins can ban users, assign/remove roles, and access system administration.

PARTNER — used for the referral partner program. Partners have referral codes that generate external payout records instead of Stripe credits. See Referrals.

Role Assignment

Only admins can assign or remove roles. When a role changes, the user is signed out immediately and must log in again for the new permissions to take effect. A user can hold multiple roles simultaneously (e.g., global staff plus location-scoped staff at a specific location).

Location-Scoped Staff

A staff member scoped to a specific location can only manage data at that location. They receive email notifications (lockout bookings, waitlist entries, tour bookings) for their location. The community manager field on a location is a separate concept — it designates a contact person for emails and is independent of role assignments.

Organizations

Organizations group users who share resources — typically companies or collectives whose members draw from a shared credit pool. Organizations are identified by email domain. Members whose email matches the org's domain are associated with it.

An organization can have a dedicated studio resource reserved for its members. Members belong to at most one organization. Organization-level Stripe billing is separate from individual user billing.

Stripe Customer

Every user gets a Stripe customer record, created automatically when the account is created (if an email is available). The Stripe customer is used for all payment operations — lockout subscriptions, credit purchases, waitlist deposits. Multiple creation paths ensure the Stripe customer exists by the time any payment is attempted.

Members can opt in or out of email and SMS marketing. Transactional messages (booking confirmations, access codes) are always sent regardless of preferences. See Communications for the full consent model and opt-in/opt-out rules.

Account Deletion

When a user account is deleted through Supabase (identity removal), the local user record is permanently deleted. Related role assignments, access codes, and referral codes are deleted with it. Historical records that reference the user (reservations, transactions, credit balances) are preserved but lose their user association.