TestKase Docs

Best Practices & FAQ

Guidelines for secure team management and answers to common questions.

Best Practices

Following these best practices will help you maintain a secure, well-organized team structure and avoid common permission-related issues.

1. Apply the Principle of Least Privilege

Assign each user the minimum role and permissions they need to do their job. Start with the Guest role for stakeholders and observers, the User role for active contributors, and reserve Project Admin for team leads who need to manage settings. Avoid granting Owner access to anyone who does not need organization-level control.

2. Use Project-Level Permission Overrides Thoughtfully

Rather than elevating a user's organization-wide role, use project-level permission configuration to grant additional access only where needed. For example, if a User needs delete access in one project but not others, enable it at the project level instead of making them a Project Admin everywhere.

3. Establish Clear Role Assignment Guidelines

Document your team's role assignment criteria so that new hires and contractors are consistently given the appropriate role. A simple internal guideline like "All QA engineers get the User role; all product managers get Guest; team leads get Project Admin" prevents ad-hoc decisions that can lead to over-permissioned accounts.

4. Audit Your Team Roster Regularly

Review your organization's member list at least quarterly. Remove users who have left the team or changed projects. Cancel any stale pending invitations. Regular audits ensure that only the right people have access to your testing data.
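
One way to run this review as a repeatable check against the role guideline from practice 3, shown as an added example that is not TestKase code. The roster layout, the 14-day stale threshold and the sample members are assumptions constructed for illustration.

```python
from datetime import date

# Role guideline quoted in practice 3; RANK orders the four built-in roles.
GUIDELINE = {"QA engineer": "User", "product manager": "Guest",
             "team lead": "Project Admin"}
RANK = {"Guest": 0, "User": 1, "Project Admin": 2, "Owner": 3}
STALE_INVITE_DAYS = 14  # assumption: the page does not define "stale"

# Constructed roster. Field layout is hypothetical, not a TestKase export:
# (email, job title, role, status, invited on, still on the team?)
ROSTER = [
    ("ana@example.com", "QA engineer", "User", "active", date(2024, 1, 10), True),
    ("ben@example.com", "product manager", "Project Admin", "active", date(2024, 1, 10), True),
    ("cho@example.com", "QA engineer", "User", "active", date(2023, 6, 1), False),
    ("dev@example.com", "contractor", "Guest", "pending", date(2024, 1, 2), True),
    ("eve@example.com", "team lead", "Owner", "active", date(2022, 3, 5), False),
    ("fay@example.com", "QA engineer", "User", "pending", date(2024, 3, 28), True),
]

def audit(roster, today):
    """Return (email, action) findings for one review pass."""
    findings = []
    for email, job, role, status, invited, on_team in roster:
        if status == "pending":
            if (today - invited).days > STALE_INVITE_DAYS:
                findings.append((email, "cancel stale invitation"))
        elif not on_team:
            # Practice 6: an Owner must hand over ownership before removal.
            action = "transfer ownership, then remove" if role == "Owner" else "remove"
            findings.append((email, action))
        elif role == "Owner":
            continue  # Owner is granted deliberately, not by job title
        elif job not in GUIDELINE:
            findings.append((email, "no guideline for job title, review manually"))
        elif RANK[role] > RANK[GUIDELINE[job]]:
            findings.append(
                (email, f"over-permissioned: has {role}, guideline says {GUIDELINE[job]}"))
    return findings

if __name__ == "__main__":
    for email, action in audit(ROSTER, today=date(2024, 4, 1)):
        print(f"{email}: {action}")
```
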

5. Have a Clear Onboarding Process

When a new team member joins, follow a consistent onboarding checklist: send the invitation with the correct role, verify they have accepted and can access the right projects, and walk them through TestKase's key features. This reduces confusion and ensures productivity from day one.

6. Plan for Offboarding

When a team member leaves, remove them from the organization promptly. Because all their data is preserved, there is no risk of losing test cases or execution history. If the departing user is the Owner, transfer ownership before their last day.

7. Separate Production and Sandbox Projects

If your team works across multiple environments, consider creating separate projects for production testing and sandbox/training purposes. Apply stricter permissions to the production project (e.g., disable delete for Users) while keeping the sandbox permissive for experimentation.

8. Communicate Permission Changes

When you change permissions for a role, inform the affected users. Unexpected loss of access to a feature they relied on can disrupt workflows. A brief message explaining the change and the reason goes a long way toward maintaining team trust.

FAQ

How many users can I invite to my organization?

The number of users depends on your subscription plan. Free plans support a limited number of team members, while paid plans offer higher limits or unlimited seats. Visit the Pricing page for full details on user limits per plan.

Can I create custom roles beyond the four built-in roles?

TestKase provides four built-in roles: Owner, Project Admin, User, and Guest. While you cannot create entirely new role types, the permission configuration system allows you to customize each role's capabilities extensively. By toggling individual permissions per project, you can effectively create different "flavors" of the User or Guest role tailored to specific projects and workflows.

What happens to a user's data when they are removed from the organization?

All data created by the user is fully preserved. This includes test cases, test steps, execution results, comments, attachments, and any other artifacts. The data remains attributed to the user's account for traceability. Only their active access to the organization and its projects is revoked. If you re-invite them later, they will regain access but will start with the role assigned in the new invitation.

Can a Project Admin invite users to the organization?

Yes, Project Admins can invite new users to the organization. When inviting, they can assign the User or Guest role. Only the Owner can assign the Project Admin role to new or existing users. This ensures that elevated access is always approved by the organization's Owner.

If I change permissions for the User role, does it affect all projects?

No. Permission configuration is scoped to the specific project where you make the change. If you enable "Delete test cases" for the User role in Project A, it does not affect the User role's permissions in Project B. Each project maintains its own independent permission configuration.

Can I restrict the Owner's permissions?

No. The Owner role has permanent, unrestricted access to all features and data across the entire organization. Owner permissions cannot be limited or overridden through the permission configuration interface. This ensures there is always at least one account with full administrative control.

What happens if the Owner leaves the organization or is unavailable?

The Owner should transfer ownership to another trusted team member before leaving. If the Owner becomes unavailable without having transferred ownership, contact TestKase Support for assistance. Support can help facilitate an ownership transfer after verifying the identity and authorization of the requesting party.

Can a user have different roles in different projects?

A user has a single organization-level role that applies as the default across all projects. However, project-level permission configuration allows you to expand or restrict specific permissions within individual projects. While the role label remains the same, the effective permissions can differ from project to project based on the project-level toggles.

How do I know which permissions a specific user currently has?

Navigate to Settings -> Team & Permissions in the project you want to check. The permission matrix shows the current state of all toggles for each role. Identify the user's role, and the corresponding column in the matrix reflects their effective permissions for that project.

Is there an audit log for permission changes?

Yes. All changes to role permissions, user invitations, role assignments, and user removals are recorded in the organization's activity log. The Owner and Project Admins can review this log from the Settings page to see who made what change and when.