Users & Access Levels
Manage organisation membership, invitations, and global access levels from this screen.
Adding users
- Invite manually – Provide name, email, and global access level (Owner, Admin, Regular). Invited users receive an email to set their password.
- SSO auto-provisioning – If SSO is enabled with auto-provision, users who sign in with an approved email domain are created automatically with the default access level you specify.
Access levels
| Level | Capabilities |
|---|---|
| Owner | Full access to configuration, billing, integrations, SSO, and all projects. |
| Admin | Manage configuration (users, roles, groups, integrations) but not billing. |
| Regular | Access only to the home page and projects they are invited to. |
User management
- Enable/disable – Toggle a user’s access without deleting their history. Disabled users cannot sign in.
- Resend invitations – Send another invite email if the user missed the first one.
- Reset passwords – Trigger password reset emails for local-auth users.
- Audit access – View last sign-in, SSO provider, and active sessions.
Tips
- Pair users with groups to manage access at scale.
- Keep at least two Owners active so you always have someone who can manage billing and SSO.
- Use the audit log to track when access levels change or when users are disabled.