User Management

User Management

Comprehensive user management including creation, onboarding, profile management, and lifecycle administration.

Creating and Managing Users

###Adding New Users

Access user management from the dashboard:

Dashboard → Organization → Team → Add User

Manual Creation

Manual User Creation

Create individual user accounts:

Required Information:

• Email address (must match organization domain policy)
• Full name
• Role assignment
• Initial password (if not using SSO)

1. Navigate to Dashboard → Organization → Team
2. Click Add User button
3. Enter user details (email, name, role)
4. Set initial password or send invitation email
5. Configure initial permissions and access
6. Click Create User to complete

Email Verification

Users will receive an email verification link. They cannot log in until email is verified.

Bulk Import

Bulk User Import

Import multiple users from CSV file:

CSV Format:

email,name,role,first_name,last_name
john.doe@company.com,John Doe,engineer,John,Doe
jane.smith@company.com,Jane Smith,manager,Jane,Smith
bob.johnson@company.com,Bob Johnson,engineer,Bob,Johnson

1. Prepare CSV file with required columns
2. Navigate to Dashboard → Organization → Team → Import Users
3. Upload CSV file
4. Review user list and role assignments
5. Click Import to create all users
6. Monitor import progress and errors

Supported Fields:

• email (required): User email address
• name (required): Full display name
• role (required): Role assignment (owner, admin, manager, engineer, viewer)
• first_name (optional): First name
• last_name (optional): Last name
• department (optional): Department assignment
• manager_email (optional): Manager’s email

Validation

Import will fail if any email addresses are invalid or already exist. Fix errors and retry.

SSO Provisioning

SSO User Provisioning

Automatically create users via Single Sign-On:

Configuration:

{
  "sso_provider": "azure_ad",
  "auto_provision": true,
  "default_role": "engineer",
  "role_attribute": "groups",
  "role_mapping": {
    "admins": "admin",
    "managers": "manager",
    "engineers": "engineer"
  }
}

How it Works:

• Users authenticate via SSO provider (Azure AD, Okta, etc.)
• Account automatically created on first successful login
• Role assigned based on SSO attributes or group membership
• User profile populated from SSO claims

Required SSO Attributes:

• Email address
• Full name or first/last name
• Group membership (for role mapping)

See Security & Compliance for SSO configuration.

User Profile Management

Editing User Profiles

Access user profiles:

Dashboard → Organization → Team → [User] → Edit

Basic Information

Editable Fields:

• Full name and display name
• Contact information (email, phone)
• Avatar/profile picture
• Timezone and language preferences
• Department and manager assignment
• Job title and description

Account Settings

Status Management:

• Active: Full access with all assigned permissions
• Inactive: Temporary suspension with preserved data
• Suspended: Administrative suspension with blocked access
• Pending: User invited but not yet activated

Security Information:

• Email verification status
• Last login timestamp
• Failed login attempt count
• Active session information
• Password last changed date
• MFA enrollment status

Account Actions:

• Reset password
• Unlock account (after failed login attempts)
• Revoke active sessions
• Resend verification email
• Generate new MFA backup codes

User Onboarding Workflow

Automated Onboarding Process

New users receive automatic onboarding:

1. Welcome Email

   • Login instructions and temporary password
   • Links to getting started guide
   • Contact information for support

2. Initial Setup

   • Guided setup wizard on first login
   • Profile completion prompts
   • Timezone and preference selection

3. Role Assignment

   • Automatic role assignment based on email domain or SSO groups
   • Custom role assignment by administrators
   • Permission verification and testing

4. Resource Access

   • Automatic access to relevant procedures and dashboards
   • Team assignment and collaboration setup
   • Initial notifications and alerts configuration

Customizing Onboarding

Configure onboarding workflow:

Dashboard → Organization → Settings → Onboarding

Onboarding Configuration:

{
  "welcome_message": "Welcome to [Organization] Overwatch instance",
  "required_steps": [
    "profile_completion",
    "notification_preferences",
    "chrome_extension_setup"
  ],
  "default_dashboards": ["incidents", "procedures"],
  "training_resources": [
    {
      "title": "Getting Started Guide",
      "url": "/docs/user-guide",
      "required": true
    },
    {
      "title": "Chrome Extension Setup",
      "url": "/docs/chrome-extension",
      "required": false
    }
  ]
}

Onboarding Checklist:

• Profile completion
• Password change (if temporary password)
• MFA enrollment (if required)
• Notification preferences
• Chrome extension installation
• Team introduction
• First procedure execution

User Lifecycle Management

User Status Transitions

Pending

User invited but not yet activated.

Actions: Resend invitation, cancel invitation

Active

Full access with all assigned permissions.

Actions: Edit profile, suspend, delete

Inactive

Temporary suspension with preserved data.

Actions: Reactivate, delete

Suspended

Administrative suspension with blocked access.

Actions: Reactivate, delete

Offboarding Process

When a user leaves your organization:

1. Access Revocation

   • Immediately disable login access
   • Revoke all API keys
   • Terminate active sessions

2. Data Transfer

   • Transfer ownership of incidents to manager or team
   • Reassign open procedures
   • Update team assignments

3. Asset Recovery

   • Revoke Chrome extension access
   • Remove from notification channels
   • Archive user-specific data

4. Data Retention

   • Apply organization data retention policies
   • Archive user activity history
   • Maintain audit trail

5. Audit Trail

   • Log all offboarding actions
   • Document data transfers
   • Record final access timestamps

Data Preservation

User deletion is permanent after retention period. Transfer critical data before deletion.

Reactivating Users

Reactivate inactive or suspended users:

Dashboard → Organization → Team → [User] → Reactivate

Reactivation Process:

• Restore account access
• Send reactivation notification email
• Require password reset (optional)
• Restore previous role and permissions
• Update team assignments

User Search and Filtering

Advanced Search

Filter users by various criteria:

Dashboard → Organization → Team → Filters

Filter Options:

• Status: Active, Inactive, Suspended, Pending
• Role: Owner, Admin, Manager, Engineer, Viewer
• Department: Filter by department assignment
• Last Login: Filter by last login date
• Created Date: Filter by account creation date
• Manager: Filter by manager assignment

Search Capabilities:

• Search by name, email, or user ID
• Combine multiple filters
• Save filter presets
• Export filtered user lists

Bulk Operations

Bulk User Actions

Perform actions on multiple users:

Dashboard → Organization → Team → Select Users → Actions

Available Bulk Actions:

• Change role for multiple users
• Send notifications to selected users
• Suspend/activate multiple accounts
• Export user data
• Update department assignments
• Reset passwords

Bulk Safety Features:

• Preview changes before applying
• Undo capability (within 24 hours)
• Audit logging of all bulk operations
• Confirmation prompts for destructive actions

User Activity Monitoring

Activity Dashboard

Monitor user activity and engagement:

Dashboard → Analytics → User Activity

Key Metrics:

• Login frequency and patterns
• Feature usage statistics
• Incident creation and resolution
• Procedure execution frequency
• Collaboration activity
• API usage patterns

Activity Reports:

• Daily active users (DAU)
• Weekly active users (WAU)
• Monthly active users (MAU)
• Feature adoption rates
• User engagement scores

See Analytics & Monitoring for complete reporting.

Best Practices

User Management Guidelines

1. Regular Reviews: Conduct quarterly access reviews
2. Least Privilege: Assign minimum necessary permissions
3. Onboarding Consistency: Use automated onboarding workflows
4. Offboarding Protocol: Follow complete offboarding checklist
5. Activity Monitoring: Review user activity regularly

Security Recommendations

• Enforce strong password policies
• Require MFA for administrative accounts
• Monitor failed login attempts
• Regular audit log reviews
• Prompt offboarding for departed users

Compliance Considerations

• Document user provisioning and deprovisioning
• Maintain audit trails for access changes
• Implement data retention policies
• Regular compliance audits
• User consent tracking (GDPR)

Next Steps

RBAC Configuration

Configure roles and permissions for your users.

Setup RBAC →

Security Policies

Configure security policies and compliance settings.

Configure Security →

Analytics

Monitor user activity and engagement metrics.

View Analytics →

Need Help?

If you have questions about user management, contact support@overwatch-observability.com.

---

Related Documentation:

• Role-Based Access Control
• Security & Compliance
• Organization Setup