User Management
Under Admin → Users you manage all accounts of your organization.
The user list
| Column | Meaning |
|---|---|
| Name | Display name |
| Login address | |
| Role | Assigned role → Roles |
| Status | Active or deactivated |
| 2FA | Whether two-factor authentication is set up |
| Last login | Time of the last sign-in |
| Actions | Edit · Deactivate · Delete |
Click a column header to sort. The filters at the top narrow by role and status; the search box finds names and email addresses. The Show deleted switch reveals deleted accounts (see below).
Creating a user
- Click Create user.
- Enter email, display name and a password — you set the password yourself and pass it to the person over a secure channel.
- Choose the role (default: participant).
- Click Create.
First sign-in of admins
If you create an Org Admin, that person is taken through two-factor setup on their first sign-in — it is mandatory and cannot be skipped. See 2FA.
Editing a user
Edit lets you change the display name and the role. A role change takes effect immediately; the person sees the matching menu entries on their next page load.
Deactivate rather than delete
Deactivate blocks sign-in but leaves all data untouched. This is the right move when somebody leaves or pauses — reversible at any time.
Deleting and restoring
Delete first only removes the account from the list:
- The account stays restorable for 30 days. Turn on Show deleted and use the Restore action.
- After those 30 days the account is anonymized automatically: name and email are irreversibly replaced. Its audit-log entries remain (they must be retained) but can no longer be attributed to a person.
After anonymization
From that point there is no way back — not even for the operator. If someone should only temporarily lose access, deactivate them instead of deleting.
Guests
Guests have no account and therefore do not appear in this list. They are created when they join a run and are deleted automatically once the retention period expires.