Adding and Removing Ghost Staff | OpsBlu Docs

Adding and Removing Ghost Staff

Step-by-step guide to inviting, managing, and removing Ghost staff users with proper security and access control

Managing Ghost staff involves inviting new users, assigning appropriate roles, transferring content ownership, and securely removing access when needed. This guide covers the complete lifecycle of Ghost staff management with security best practices.

Prerequisites

Before managing Ghost staff:

  • Administrator or Owner role - Required to invite/remove staff
  • Email configuration - Ghost must send invitation emails (Settings → Email)
  • Role understanding - Review Ghost Roles and Permissions
  • Approval process - Documented procedure for granting access

Adding New Staff

Step 1: Prepare New User Information

Collect Required Information:

  • Full name
  • Email address (must be unique, not already used)
  • Desired role (Owner, Admin, Editor, Author, Contributor)
  • Department/team assignment
  • Manager approval documentation
  • Start date and expected access duration

Verify Prerequisites:

  • Email configuration working (test with your own email)
  • User has legitimate business need for Ghost access
  • Appropriate role selected (principle of least privilege)
  • Approval obtained from manager or department head

Step 2: Send Invitation

Via Ghost Admin Interface

  1. Navigate to Staff Settings

    • Log in to Ghost Admin (yourdomain.com/ghost)
    • Click Settings (bottom-left gear icon)
    • Select Staff from settings menu

  2. Click "Invite People"

    • Button located in top-right corner
    • Opens invitation modal

  3. Enter User Details

    • Email address - Enter valid email (required)
    • Role - Select from dropdown:
      • Owner (not selectable - only transfer)
      • Administrator
      • Editor
      • Author
      • Contributor

  4. Send Invitation

    • Click Send invitation now
    • Ghost sends email with activation link
    • Invitation expires after 7 days

Invitation Email Contents:

Subject: You've been invited to join [Site Name]

You've been invited to join [Site Name] as [Role].

[Accept Invitation Button]

This invitation expires in 7 days.

Invitation Best Practices

  • Document invitation - Log who invited, when, role, and justification
  • Notify user separately - Send context about their role and responsibilities
  • Include onboarding - Share documentation, style guides, editorial calendar
  • Set expectations - Explain workflow, approval processes, content standards

Step 3: User Accepts Invitation

User Actions:

  1. Receive invitation email

  2. Click Accept Invitation button

  3. Redirected to Ghost setup page

  4. Enter:

    • Full name (required)
    • Password (minimum 10 characters recommended)
    • Optional: Profile photo, bio, location, website

  5. Click Create Account

  6. Redirected to Ghost Admin dashboard

First Login Experience:

  • User sees Ghost Admin interface based on role
  • Contributor/Author: Content creation focused
  • Editor: Full content management
  • Admin/Owner: Complete settings access

Step 4: Configure User Profile and Settings

Administrator Actions (Optional but Recommended):

  1. Verify User Profile

    • Navigate to Settings → Staff
    • Click on new user
    • Verify:
      • Name spelling correct
      • Email accurate
      • Role appropriate
      • Profile complete

  2. Enable Two-Factor Authentication (Recommended for Admin/Owner)

    • User must enable 2FA themselves
    • Navigate to user profile → Enable 2FA
    • Scan QR code with authenticator app
    • Save backup codes securely

  3. Set User Bio and Social Links (Optional)

    • Helps with author attribution on posts
    • Improves SEO and social sharing
    • Creates professional author pages

New User Onboarding Checklist:

  • Invitation accepted and account created
  • Profile completed (name, bio, photo)
  • 2FA enabled (if Admin or Owner)
  • Onboarding documentation reviewed
  • Test post created (for Authors/Contributors)
  • Editorial guidelines acknowledged
  • Content calendar access granted
  • Communication channels added (Slack, email lists)

Managing Existing Staff

Update User Role

When to Change Roles:

  • Promotion or increased responsibilities
  • Temporary role elevation for specific project
  • Role reduction due to performance or security concerns
  • Transition from Contributor → Author after trust established

Steps to Change Role:

  1. Navigate to Settings → Staff
  2. Click on user to modify
  3. Click Edit or role dropdown
  4. Select new role from dropdown
  5. Click Save
  6. User sees new permissions immediately (no re-login required)

Role Change Notifications:

  • Ghost does NOT notify user of role changes
  • Manually notify user via email or Slack
  • Document role change with justification
  • Update access control spreadsheet/documentation

Security Considerations:

  • Elevating role: Ensure proper approval obtained
  • Reducing role: Notify user and document reason
  • Temporary elevation: Set calendar reminder to revert role
  • Review role changes monthly

Suspend User (Without Deletion)

Ghost doesn't have a native "suspend" feature, but you can effectively suspend users:

Option 1: Change to Contributor Role

  • Demote to Contributor (cannot publish)
  • Prevents new content publication
  • User retains account but limited capabilities

Option 2: Change Email to Invalid Address

  • Edit user profile
  • Change email to suspended+[username]@yourdomain.com
  • User cannot reset password (invalid email)
  • Document original email for potential reactivation

Option 3: Use Custom Integration (Self-Hosted)

// Custom webhook to disable login
// Requires custom Ghost integration

When to Suspend Instead of Delete:

  • Short-term absence (maternity leave, sabbatical)
  • Investigation pending (security incident, policy violation)
  • Seasonal contributors (return expected)
  • Content attribution preservation needed

Transfer Content Ownership

When to Transfer Content:

  • User leaving organization (assign content to remaining staff)
  • Reorganization or team changes
  • Guest author content to managing editor
  • Deleted user cleanup

Steps to Transfer Posts:

Ghost doesn't have bulk transfer. Manual process:

  1. Identify Content to Transfer

    • Navigate to Posts
    • Filter by author (search bar or author filter)
    • List all posts to transfer

  2. Reassign Each Post

    • Open post in editor
    • Click Settings (gear icon in top-right)
    • Scroll to Post Authors
    • Remove original author
    • Add new author
    • Click Update

  3. Verify Transfer

    • Check author page (yoursite.com/author/username)
    • Ensure posts moved to new author
    • Verify bylines correct on posts

Bulk Transfer Options:

Via Ghost Admin API (Self-Hosted):

// Bulk transfer posts from one author to another
const GhostAdminAPI = require('@tryghost/admin-api');

const api = new GhostAdminAPI({
  url: 'https://yoursite.com',
  key: 'your-admin-api-key',
  version: 'v5.0'
});

async function transferPosts(fromAuthorId, toAuthorId) {
  const posts = await api.posts.browse({
    filter: `authors:[${fromAuthorId}]`,
    limit: 'all'
  });

  for (let post of posts) {
    await api.posts.edit({
      id: post.id,
      authors: [{id: toAuthorId}]
    });
    console.log(`Transferred: ${post.title}`);
  }
}

transferPosts('old-author-id', 'new-author-id');

Via Database (Self-Hosted, DANGEROUS):

-- Update posts_authors table to reassign posts
-- BACKUP DATABASE FIRST
UPDATE posts_authors
SET author_id = 'new-author-id'
WHERE author_id = 'old-author-id';

Content Transfer Best Practices:

  • Transfer BEFORE deleting user (prevents content loss)
  • Document transfers (who, what, when)
  • Notify new author of transferred content
  • Update editorial calendar/assignments

Removing Staff

Step 1: Pre-Removal Checklist

Before Removing User:

  • Content transferred to remaining staff
  • User notified of access removal (if appropriate)
  • API keys/tokens revoked (if user had access)
  • Webhooks updated if user-specific
  • Integration credentials changed (if user knew them)
  • 2FA backup codes retrieved or invalidated
  • Documentation updated (remove from team lists)
  • Access to related tools removed (Stripe, email, etc.)

Export User Data (Optional but Recommended):

  • List of all posts authored
  • Comments made (if tracked)
  • Activity history
  • Profile information

Step 2: Remove User from Ghost

Via Ghost Admin Interface

  1. Navigate to Staff Settings

    • Ghost Admin → Settings → Staff

  2. Locate User to Remove

    • Scroll to user in staff list
    • Or use search bar

  3. Click User → Delete/Remove

    • Click user name to open profile
    • Scroll to bottom
    • Click Delete User button (red)

  4. Confirm Deletion

    • Warning appears: "Are you sure you want to delete this user?"
    • Explains consequences:
      • User loses Ghost Admin access immediately
      • Content remains (not deleted)
      • Action cannot be undone
    • Click Delete User to confirm

Immediate Effects:

  • User cannot log in to Ghost Admin
  • Email removed from staff list
  • User profile page (yoursite.com/author/username) remains live
  • All authored content remains published
  • Comments/activity remain attributed to user

What is NOT Deleted:

  • Published posts and pages
  • Uploaded media/images
  • Author profile page
  • Comments (if commenting enabled)
  • Activity history/logs

Step 3: Post-Removal Actions

Verify Removal:

  • Check Settings → Staff - user gone
  • Attempt login with removed user (should fail)
  • Check author page - posts still visible but user removed from staff

Clean Up (Optional):

  1. Hide Author Page

    • Published content remains
    • Author page still accessible
    • To hide: Transfer all posts to another author, then author page becomes empty

  2. Update Team Page

    • Remove from "About" or "Team" page
    • Update contributor lists
    • Remove from editorial masthead

  3. Revoke Related Access

    • Stripe Dashboard (if they had access)
    • Email service (Mailgun, SendGrid)
    • Analytics platforms (GA4, etc.)
    • Social media accounts
    • Design tools (Figma, Canva)

Security Hardening:

  • Change shared passwords they knew
  • Rotate API keys/tokens
  • Review webhooks for user-specific endpoints
  • Check code injection for user-added scripts

Owner Removal (Special Case)

Ownership Transfer Required:

Ghost allows only ONE Owner. To "remove" current Owner:

  1. Transfer Ownership First

    • Current Owner: Settings → Staff
    • Click new Owner user
    • Click Transfer Ownership
    • Confirm transfer
    • Former Owner automatically becomes Administrator

  2. Then Remove Former Owner

    • New Owner can now delete former Owner
    • Follow standard removal steps above

Ownership Transfer Checklist:

  • New Owner accepts ownership
  • Billing information updated
  • New Owner has 2FA enabled
  • New Owner credentials documented securely
  • Former Owner downgraded to Admin or removed
  • Access to billing/payment methods verified

Bulk User Management

Bulk Invite (Not Native)

Ghost lacks bulk invite UI. Options:

Option 1: Repeat Invitation Process

  • Manually invite each user via Settings → Staff
  • Time-consuming but reliable

Option 2: Ghost Admin API (Self-Hosted)

const GhostAdminAPI = require('@tryghost/admin-api');

const api = new GhostAdminAPI({
  url: 'https://yoursite.com',
  key: 'your-admin-api-key',
  version: 'v5.0'
});

const newUsers = [
  {email: 'author1@example.com', roles: ['Author']},
  {email: 'author2@example.com', roles: ['Author']},
  {email: 'editor1@example.com', roles: ['Editor']}
];

async function bulkInvite() {
  for (let user of newUsers) {
    try {
      await api.users.invite(user);
      console.log(`Invited: ${user.email}`);
    } catch (error) {
      console.error(`Failed to invite ${user.email}:`, error);
    }
  }
}

bulkInvite();

Option 3: Import from CSV (Custom Script)

  • Requires custom development
  • Not officially supported

Bulk Removal

Manual Approach:

  1. List users to remove
  2. Transfer content systematically
  3. Remove users one-by-one

API Approach (Self-Hosted):

const usersToRemove = ['user-id-1', 'user-id-2', 'user-id-3'];

async function bulkRemove() {
  for (let userId of usersToRemove) {
    try {
      await api.users.delete({id: userId});
      console.log(`Removed user: ${userId}`);
    } catch (error) {
      console.error(`Failed to remove ${userId}:`, error);
    }
  }
}

Access Control Best Practices

Regular Audits

Monthly Review:

  • List all staff users
  • Verify roles still appropriate
  • Check for inactive accounts (no login in 90+ days)
  • Remove former employees still listed

Quarterly Deep Audit:

  • Review all Administrator and Owner accounts
  • Verify 2FA enabled on privileged accounts
  • Check for anomalous activity in logs
  • Update access documentation

Annual Compliance:

  • Full staff list review with HR
  • Document all access grants/removals
  • Verify against employee roster
  • Archive audit trail

Documentation Requirements

Maintain Staff Access Log:

Date Action User Email Role Approved By Reason Removed Date
2024-01-15 Added author@example.com Author Jane (Admin) New hire - content team
2024-02-20 Role Change author@example.com Editor Jane (Admin) Promotion to managing editor
2024-06-10 Removed contractor@example.com Contributor Jane (Admin) Contract ended 2024-06-10

Include in Documentation:

  • Who requested access
  • Business justification
  • Approval chain
  • Date granted
  • Initial role
  • Any role changes with dates
  • Date removed (if applicable)
  • Content transferred to (if removed)

Security Incidents

If User Account Compromised:

  1. Immediate Actions:

    • Change user password immediately (if Owner/Admin)
    • Revoke user access (remove from Ghost)
    • Review recent activity logs
    • Check for unauthorized content changes
    • Verify no integrations added

  2. Investigation:

    • Determine scope of compromise
    • Check if API keys exposed
    • Review code injection for malicious scripts
    • Verify member data not accessed

  3. Remediation:

    • Restore any damaged content
    • Rotate all shared credentials
    • Reset API keys/webhooks
    • Notify affected users (if member data involved)

  4. Prevention:

    • Enforce 2FA on all Admin+ accounts
    • Implement IP allowlisting (if available)
    • Regular security training
    • Audit access quarterly

Ghost(Pro) vs. Self-Hosted

Ghost(Pro)

  • User management via Ghost Admin UI only
  • No direct database access
  • SCIM/SSO available on higher-tier plans
  • Support can assist with bulk operations

Self-Hosted

  • Full database access (manual user management)
  • Can use Ghost Admin API for automation
  • Custom authentication possible
  • Responsible for security and backups

Common Issues

Issue: Invitation Email Not Received

Solutions:

  1. Check spam/junk folder
  2. Verify email configuration (Settings → Email)
  3. Test with different email provider (Gmail, Outlook)
  4. Resend invitation (delete and re-invite)
  5. Check Ghost logs for email errors (self-hosted)

Issue: Cannot Remove User (Owner)

Solution:

  • Transfer ownership to another user first
  • Then remove former Owner

Issue: Deleted User Content Still Shows

Expected Behavior:

  • Ghost retains published content after user deletion
  • Author page remains live
  • To remove: Transfer all content, then author page empties

Issue: User Locked Out After Role Change

Solution:

  • Role changes don't lock users out
  • User may need to refresh browser
  • Clear browser cache and cookies
  • Try logging out and back in

Next Steps

Back to top