Skip to main content

User Management [Manager Only]

Path: /users

A page for managing users within an organization and assigning roles. This page is only accessible to organization managers (Manager role).

User Management Screen

Why Do You Need User Management?

When working on team projects, having all team members with identical permissions can be risky. For example, you need to prevent situations where a new developer accidentally changes production server settings, or an external contractor accesses sensitive information.

The [User Management] page provides the following benefits:

  • Enhanced Security: Prevent security incidents by granting only necessary permissions to the right people.
  • Separation of Responsibilities: Clearly distinguish who can perform what actions.
  • Efficient Collaboration: Allow team members to focus on features relevant to their roles.
Role-Based Access Control (RBAC)

KIWI follows the Role-Based Access Control (RBAC) principle. You can implement the "principle of least privilege" by assigning appropriate roles based on users' positions or responsibilities.

Understanding the Role System

KIWI provides two roles. Understand the characteristics of each role and assign them appropriately for your situation.

  • Manager (Organization Admin): Target users include team leaders, project managers, and system administrators. Key permissions: Invite/remove users, change roles, grant permissions, modify org settings. Restrictions: Cannot change own role.
  • Member (Regular Member): Target users include developers, operators, and external contractors. Key permissions: Use features within granted permissions, basic view access. Restrictions: No access to user management features.
Role Selection Guide
  • When Manager role is needed: When you need to manage team members or invite new members.
  • When Member role is appropriate: When focusing only on development/operations and delegating user management to others.

Generally, we recommend having 2-3 Managers per team to ensure business continuity.

Multi-Organization Membership

A single user can belong to multiple organizations and have different roles in each. For example, you might be a Manager in Project A but a Member in Project B.

User List Screen Layout

Here's the information available and actions you can perform in the user list.

  • Email: User's login email address. Used for accurate user identification.
  • Name: User's display name. Reference when identifying team members.
  • Role: Manager or Member. Used for understanding permission scope.
  • Join Date: Date joined the organization. Used for team management and audit purposes.
  • Status: Active or Inactive. Used for checking account status.

How to Use

Inviting New Members

Here's how to invite new team members to your organization. Invited users will receive a signup link via email.

  1. Click the Invite User button at the top of the [User Management] page.

  2. Enter the invitation details:

    • Email (required): Enter the user's company email address.
    • Role (required): Select the appropriate role using the guide below
      • Manager: For team leaders, project managers, etc. who need admin permissions.
      • Member: For regular developers, operators, etc. who need basic permissions.

  3. Click the Send Invitation button.

  4. Once the invited user checks their email and completes signup, they will appear in the list.

Invitation Email Validity Period

Invitation emails are valid for 7 days after sending. If not accepted within this period, the invitation expires and you'll need to send a new one.

If the Invitation Email Hasn't Arrived?
  • Check the spam/junk folder
  • It may have been blocked by company email server security policies
  • Verify there are no typos in the email address.
  • If the issue persists, contact your system administrator

Changing a User's Role

Here's how to change an existing member's role. Role changes take effect immediately, and the user will have new permissions without re-logging in.

  1. Find the user whose role you want to change in the user list.

    • Use the search function if the list is long

  2. Click the Change Role button in that user's row.

    • Or you can click directly on the role column

  3. Select the new role:

    • Manager: Grant administrator permissions.
    • Member: Change to standard permissions.

  4. Click the Save button to complete the change.

Role Changes Apply Immediately

Role changes are applied immediately. Even if the user is currently logged in, refreshing the page will apply the new permissions.

Removing a Member

Here's how to remove a member who no longer needs to belong to the organization.

  1. Find the user you want to remove in the user list.

  2. Click the Remove button in that user's row.

  3. When the confirmation dialog appears, click the Remove button to confirm.

Cautions When Removing Members
  • The removed user will lose all access to this organization
  • Membership in other organizations is not affected.
  • A new invitation is required for the removed user to access again
  • The last remaining Manager cannot be removed (at least 1 Manager required per organization)

Searching for Users

Here's how to quickly find specific users when you have many members.

  1. Enter a search term in the search box at the top of the screen:

    • Email address: Full or partial (e.g., kim@, @company.com)
    • User name: Full or partial.

  2. Press Enter or click the search button.

  3. Find the desired user in the search results.

Understanding Invitation Status

After sending an invitation, you can check the status and take necessary actions.

  • Pending: Invitation sent, awaiting acceptance. Required action: Ask the invitee to check their email.
  • Accepted: Invitation accepted, registered as member. No further action needed.
  • Expired: Validity period (7 days) has passed. Required action: Send a new invitation.
  • Rejected: Invitee declined the invitation. Required action: Confirm with them and re-invite if needed.

Frequently Asked Questions

Can I Change My Own Role?

No, you cannot change your own role. This is a safety measure to prevent accidental loss of permissions. If you need a role change, please ask another Manager.

Can I Invite External Contractor Personnel?

Yes, you can invite anyone with an email address. However, for security, we recommend inviting them as Members and granting only the minimum necessary permissions through the [Permissions] page.

Best Practices

Recommendations for Effective User Management
  • Maintain 2-3 Managers: Designate multiple Managers to prepare for situations like vacations or resignations.
  • Regular Member Reviews: Review the member list quarterly and clean up unnecessary accounts.
  • Principle of Least Privilege: Start new members with the Member role and add permissions as needed.
  • Immediate Offboarding: Remove departing employees from membership immediately to maintain security.

Glossary

If you encounter unfamiliar terms, refer to the explanations below.

  • Organization: The top-level unit for managing users and resources in KIWI. This can be a company, department, or project team.
  • Role: A classification that determines the scope of user permissions. There are two types: Manager and Member.
  • Membership: The state of belonging to a specific organization. A single user can have memberships in multiple organizations.