Invite team members, manage roles and permissions, and control access to your Trust Center Admin interface

User Management

The User Management system allows you to invite team members, assign roles and permissions, and control access to your Trust Center Admin interface. Maintain security while enabling collaboration across your compliance and customer success teams.

What You'll Learn

How to invite and manage team members
Understanding roles and permission levels
Managing user access and security settings
Monitoring user activity and login patterns
Handling user lifecycle and access revocation

Prerequisites

Admin role required for full user management
Account Manager role can view team members but not modify
Access to the Trust Center Admin interface
Understanding of your organization's access control requirements

User Management Overview

The main users page provides comprehensive team member management with role-based access control and security monitoring.

Users Overview The user management dashboard showing team members, roles, and access control settings

Key Features

👥 Team Directory

View all team members with roles and status
Search and filter users by role, status, or department
Quick access to user profiles and settings
Recent activity and login tracking

🛡️ Role-Based Access Control

Predefined roles with appropriate permissions
Custom role creation for specific needs
Granular permission management
Inheritance and role hierarchies

📧 Invitation Management

Send secure email invitations to new team members
Track invitation status and expiry
Resend or revoke pending invitations
Bulk invitation capabilities

🔐 Security Controls

Two-factor authentication requirements
Session management and timeout controls
Login activity monitoring and alerts
Password policy enforcement

User Roles and Permissions

Standard Roles

Built-in Role Types: - Admin: Full system access including user management and settings - Account Manager: Manage accounts, documents, and customer interactions - Viewer: Read-only access to accounts and compliance content - Support: Access to knowledge base and customer support features

Role Permissions Matrix

Permission Area	Admin	Account Manager	Viewer	Support
Account Management	✅ Full	✅ Full	👁️ View Only	👁️ View Only
Document Management	✅ Full	✅ Full	👁️ View Only	❌ None
User Management	✅ Full	❌ None	❌ None	❌ None
Certifications	✅ Full	✅ Full	👁️ View Only	❌ None
Knowledge Base	✅ Full	✅ Edit	👁️ View Only	✅ Edit
Analytics	✅ Full	✅ Full	👁️ View Only	❌ None
Brand Settings	✅ Full	❌ None	❌ None	❌ None
Integrations	✅ Full	👁️ View Only	❌ None	❌ None

Custom Roles

Role Customization:

Create roles tailored to specific job functions
Combine permissions from different areas
Set role hierarchy and inheritance rules
Apply time-based or conditional access

Permission Granularity:

Resource-Level: Control access to specific features
Action-Level: Define what users can do (read, write, delete)
Data-Level: Restrict access to specific accounts or documents
Time-Based: Temporary access grants or scheduled permissions

Managing Team Members

Inviting New Users

Invite User

Step-by-step guide to inviting new team members

Role Assignment

Learn how to assign and manage user roles

User Invitation Process

Click "Invite User" to start the invitation workflow
Enter Email Address of the new team member
Select Role from available options or create custom role
Set Access Level including any specific restrictions
Add Personal Message (optional) to the invitation email
Send Invitation - user receives secure email with setup link
Track Status and resend if needed

User Lifecycle Management

Onboarding:

Welcome Process: Guided setup for new users
Training Resources: Links to documentation and tutorials
Initial Permissions: Start with minimal access and expand as needed
Mentorship Assignment: Pair new users with experienced team members

Active Management:

Regular Reviews: Quarterly access reviews and role adjustments
Permission Updates: Modify access based on changing responsibilities
Security Monitoring: Track login patterns and unusual activity
Performance Integration: Align access with performance reviews

Offboarding:

Access Revocation: Immediate account deactivation upon departure
Data Transfer: Reassign owned resources to other team members
Session Termination: Force logout from all active sessions
Audit Trail: Maintain records of user actions for compliance

Security and Authentication

Authentication Requirements

Security Standards:

Strong Passwords: Minimum complexity requirements
Two-Factor Authentication: Optional or mandatory 2FA
Single Sign-On: Integration with corporate identity providers
Session Management: Configurable timeout and concurrent session limits

Security Best Practices: - Enable two-factor authentication for all admin users - Regularly review and update user permissions - Monitor login patterns for suspicious activity - Implement strong password policies - Use SSO when available for better security and user experience

Session and Access Controls

Session Security:

Automatic Timeout: Sessions expire after inactivity
Concurrent Sessions: Limit number of simultaneous logins
Device Tracking: Monitor and manage authorized devices
Remote Logout: Force logout from all sessions if needed

Access Monitoring:

Login Attempts: Track successful and failed login attempts
IP Address Tracking: Monitor access from unusual locations
Device Fingerprinting: Identify and approve new devices
Activity Logging: Comprehensive audit trail of user actions

Compliance and Auditing

Audit Requirements:

Access Logs: Detailed records of all user activities
Permission Changes: Track role and permission modifications
Login History: Complete authentication and session records
Data Access: Monitor access to sensitive compliance information

Compliance Features:

Regular Access Reviews: Scheduled permission audits
Segregation of Duties: Prevent conflicting role assignments
Approval Workflows: Require approval for sensitive permission changes
Reporting: Generate compliance reports for auditors

Advanced User Management

Bulk Operations

Efficiency Features:

Bulk Invitations: Invite multiple users from CSV or email list
Role Updates: Change roles for multiple users simultaneously
Permission Sync: Apply permission changes across user groups
Status Changes: Activate, deactivate, or delete multiple accounts

Integration Capabilities

External Systems:

LDAP/Active Directory: Sync with corporate directory services
SAML SSO: Integrate with identity providers like Okta, Azure AD
SCIM Provisioning: Automated user provisioning and deprovisioning
HR Systems: Sync with HRIS for automated lifecycle management

Organizational Features

Team Structure:

Departments: Organize users by department or function
Teams: Create cross-functional project teams
Hierarchies: Implement reporting relationships and approvals
Groups: Manage permissions through group membership

Troubleshooting

Common User Issues

Invitation Problems:

Email Not Received: Check spam filters and email delivery logs
Expired Invitations: Invitations expire after 7 days, resend if needed
Wrong Role: Edit invitation or user role after acceptance
Domain Restrictions: Verify email domain is allowed for invitations

Access Issues:

Permission Denied: Review user role and specific permissions
Login Failures: Check password requirements and account status
2FA Problems: Provide backup codes or reset 2FA settings
Session Timeouts: Adjust session timeout settings if needed

Security Incidents

Compromised Accounts:

Immediate Steps: Deactivate account and force password reset
Investigation: Review access logs and identify potential damage
Communication: Notify affected users and stakeholders
Prevention: Implement additional security measures

Unauthorized Access:

Detection: Monitor for unusual login patterns or access
Response: Investigate and document security incidents
Remediation: Update permissions and security policies
Prevention: Enhance monitoring and access controls

Best Practices

Access Management Strategy

Principle of Least Privilege:

Grant minimum permissions necessary for job function
Regularly review and reduce excessive permissions
Use time-bound access for temporary needs
Implement approval workflows for elevated permissions

Role Design:

Create roles based on job functions, not individuals
Keep roles simple and understandable
Document role purposes and responsibilities
Regular review and updating of role definitions

Security Hygiene

Regular Maintenance:

Quarterly Access Reviews: Review all user permissions
Annual Role Audits: Update role definitions and permissions
Monthly Activity Reviews: Monitor user activity patterns
Continuous Monitoring: Alert on suspicious activities

Training and Awareness:

Onboarding Training: Security awareness for new users
Regular Updates: Keep team informed of security policies
Incident Response: Train users on reporting security issues
Best Practices: Share security tips and guidelines

How is this guide?

User Management

User Management

What You'll Learn

Prerequisites

User Management Overview

Key Features

User Roles and Permissions

Standard Roles

Role Permissions Matrix

Custom Roles

Managing Team Members

Inviting New Users

Invite User

Role Assignment

User Invitation Process

User Lifecycle Management

Security and Authentication

Authentication Requirements

Session and Access Controls

Compliance and Auditing

Advanced User Management

Bulk Operations

Integration Capabilities

Organizational Features

Troubleshooting

Common User Issues

Security Incidents

Best Practices

Access Management Strategy

Security Hygiene

Common Tasks

Next Steps

Invite Team Members

Security Settings

Account Management

On this page

User Management

Invite User

Role Assignment

How do I invite a new team member?

What's the difference between Admin and Account Manager roles?

Can I customize user roles for specific needs?

How do I handle a user who left the company?

What should I do if someone's account gets compromised?

Invite Team Members

Security Settings

Account Management

On this page