Unlimited seats.
The permissions a real church staff actually needs.
Every staff member, every volunteer leader, every ministry director — invite them all. Seats are unlimited. Twelve built-in role definitions cover the jobs a church staff actually has, with ministry-scoped permissions for ministry leaders and per-seat grants for one-off needs. Audit log on every change.
Permissions modeled on how a church is actually staffed
Per-seat pricing punishes churches
for delegating well.
Most church platforms charge per seat. That model creates a perverse incentive: the more you delegate, the more you pay. So lead pastors keep five logins to themselves rather than give the communications director her own. Ministry leaders share a generic “leader” login. The kids director is logged in as the office admin. Permissions become messy because the accounting drives behavior, and the platform's audit log becomes useless because half the actions trace back to a shared account.
On TrueConnect+, staff seats are unlimited. Forever. As part of the $379 flat fee. Invite the lead pastor, the executive admin, the worship director, the kids director, the hospitality leader, the men's ministry leader, the prayer team coordinator, every small-group leader, and every elder. Each one gets their own login, their own permissions scoped to their actual job, and their own action history in the audit log. Delegation stops costing extra. Every staff and leader interaction is attributable.
Beneath the unlimited-seats decision is a permission model built specifically for how a real church is staffed. Twelve system roles — not three abstract permission tiers — match the jobs actual churches have. Ministry Leader and Leader / Elder give ministry-scoped access without platform-wide admin. Per-seat permission grants handle the one-off (give the worship director temporary access to giving reports during the building campaign), without creating a new role. The system is built to be flexible without becoming a nightmare to audit.
The roles map to the jobs a church staff actually has.
The system role catalog isn't three tiers of generic permission. It's twelve named roles, each with permissions matched to the job: Owner, Administrator, Pastoral Care, Communications Director, Financial Administrator, Volunteer Coordinator, Worship Director, Childcare Coordinator, Content Producer, Viewer, Ministry Leader, and Leader / Elder.
The Communications Director can send broadcasts and build workflows but can't see giving reports. The Financial Administrator can pull giving reports but can't see pastoral notes. The Childcare Coordinator can manage the kids ministry but can't edit sermon records. Pastoral Care sees confidential pastoral notes that finance never sees. Each role does its job without seeing what doesn't belong to it.
- Twelve system roles aligned with how real churches are staffed
- Permissions per role tuned to the actual job, not abstract tiers
- Owner role can transfer ownership and cancel; Administrator has full operational access but cannot
- Pastoral Care sees confidential notes; Financial Administrator sees giving; neither sees the other
A leader leads what they lead. Nothing more.
The recovery ministry leader needs to manage her ministry — her group leaders, her members, her meetings, her communications — without seeing the rest of the church's data. Most permission systems force a choice: give her platform-wide admin (and trust she won't wander) or give her nothing (and let her work from a spreadsheet she emails to staff).
Ministry Leader and Leader / Elder roles solve that with scoped permissions. A Ministry Leader manages the ministries they've been granted scope to, period. They can't see other ministries. They can't access platform-wide settings. They can't pull giving reports. They can lead well, within the scope of their leadership, without becoming a security risk.
- Ministry Leader role with per-ministry scope (granted ministry-by-ministry)
- Leader / Elder role for recognized church leaders with read access to people directories
- Scoped permissions enforced at the data layer, not just the UI
- Ministry leaders can't access platform-wide settings or other ministries
The one-off, without inventing a role.
The Worship Director needs to see giving reports for the next six weeks because she's leading a fundraising push for new equipment. Normally Worship Director doesn't have that permission — and creating a new role for one person for six weeks is the wrong solution.
Per-seat permission grants give the Owner a way to extend a specific permission to a specific staff member without changing the role catalog. Grant donations.read to the Worship Director, attach a note explaining why, and the grant lives in the audit log. Revoke it when the campaign ends. The role catalog stays clean. The audit log holds the “why” forever.
- Grant any individual permission to any specific staff seat
- Attached reason captured at grant time; visible in the audit log
- Revocable in one tap
- No need to invent custom roles for one-off needs
The infrastructure beneath the roles
Built to scale, audit, and survive staff turnover.
Full audit log
Every permission grant, every role assignment, every revoke is logged with a timestamp, an actor, and a reason. The Owner can pull an audit of who had what access on any date in the past. Compliance posture is built in, not bolted on.
Two-factor authentication
Optional 2FA for any staff seat, required 2FA enforcement for Owner / Administrator / Financial Administrator roles. Authenticator apps, recovery codes, and emergency-access support built in.
Invite + onboarding flow
Send a staff invite from the admin console — choose the role at invite time, and the new staff member walks through a guided first-login that orients them to their role-specific surfaces.
Owner ownership transfer
When a senior pastor retires or transitions out, the Owner role can transfer cleanly to their successor with audit-logged confirmation from both parties. No support-ticket dance. No accidental lockout.
Session management
See every active session per staff member. Force a logout from a specific device. Pre-configured session-timeout policies per role (Pastoral Care sessions auto-logout faster than Viewer).
Unlimited seats, forever
The $379 platform fee includes unlimited staff and volunteer-leader seats. Period. Add the whole leadership team. Add every small-group leader. Add every ministry director. The cost doesn't change.
What a real church staff actually looks like, mapped to permissions.
A 600-member church might have a lead pastor (Owner), an executive admin (Administrator), two associate pastors (Pastoral Care), a communications director (Communications Director), a bookkeeper (Financial Administrator), a worship director (Worship Director), a kids director (Childcare Coordinator), a youth pastor (Ministry Leader, scoped to the youth ministry), a men's ministry leader (Ministry Leader, scoped to men's), a women's ministry leader (Ministry Leader, scoped to women's), twelve small-group leaders (Ministry Leader, each scoped to their group), three elders (Leader / Elder), and a volunteer coordinator (Volunteer Coordinator).
That's 28 staff and leader seats. On a typical per-seat platform, at $25-50 per seat per month, that's an extra $700-1400/month — on top of the platform fee. On TrueConnect+, that's the platform fee. $379, flat, regardless of how many people you delegate to.
Every one of those 28 seats has the right permissions for their role, ministry-scoped where appropriate, with full audit history. The lead pastor delegates without flinching. The communications director runs her programs. The youth pastor leads his ministry. The elder team has the visibility they need. The platform makes good delegation cheap and bad delegation auditable.