Users
Users are the people who can sign in to your organization. Each user has a single identity across Cloud Digit (one email = one user) but belongs to one or more organizations, each with its own role.
Where users live
| Layer | Scope | Managed in |
|---|---|---|
| Identity (email, password, MFA, SSO links) | Global, one per email | User menu → Account |
| Organization membership | Per org | Org settings → Members |
| Project assignment | Per project | Project sidebar → Access |
| Role within an org / project | Per scope | Same places where membership is set |
This separation matters: removing someone from a project doesn't kick them out of the organization; removing them from an org does revoke all their project access in that org but doesn't delete the underlying identity (they may still belong to other orgs you can't see).
Inviting a user to your organization
Open Organization settings → Members (settings cog on the org card on the landing page, then Members tab).
Organization Members. The current admin's view; orange "OWNER" badge marks the active user.
Click + Invite member. The invite form asks for:
| Field | Notes |
|---|---|
| Email | The person's email — becomes their Cloud Digit identity if they don't already have one |
| Role | Their org-level role: Owner / Admin / Billing / Member / Read-only (see Roles & permissions) |
| Send to | Optional CC list for the invite notification |
| Note | Optional message included in the invite email |
Once submitted:
- Cloud Digit emails the invite (sender: `noreply` at your Cloud Digit domain)
- The invited person clicks the link, completes sign-up (or signs in to their existing identity)
- MFA enrolment is required immediately if their role is Owner or Admin
- They land on your org with the role you assigned
Invites expire after 7 days. Re-send from Members → ⋯ on the invited row → Resend invite.
Member profile fields
Each member's row shows:
- Avatar + name (display name from their account)
- Email (primary identity)
- Role badge (Owner / Admin / Member / etc.)
- Status — `Active`, `Invited` (link sent, not yet accepted), `Suspended`
- Last sign-in — relative time
- MFA — `Enabled` / `Not required` / `Required (missing)` icon
Clicking a row opens the member detail panel:
Member detail panel showing identity attributes and per-project assignments.
Top section: identity attributes (email, name, locale, timezone, last sign-in IP, MFA status).
Middle section: per-project assignments — which projects in this org the user can access, and at what role.
Bottom section: actions — Change role · Suspend · Remove.
Suspending vs removing
| Action | What happens | Reversible |
|---|---|---|
| Suspend | User can't sign in; existing API tokens stop working; their resources keep running and their work history is preserved | Yes — click Unsuspend |
| Remove | Membership in this org is deleted; their API tokens scoped to this org are revoked. The underlying identity survives (they may still be in other orgs) | Re-invite to bring them back |
Common use: suspend departing staff for a 30-day handover window, then remove them once their work has been reassigned. This is the BB ICT 4.0 §7 (HR Security) pattern.
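A periodic access review can check member rows against the rules this page states: 7-day invite expiry, a 30-day handover before removal, MFA for Owner and Admin, and at least one Owner. The sketch below is an added example, not Cloud Digit code; the row keys (including `status_since`) and the sample rows are assumptions, since this page does not document an export format.

```python
from datetime import datetime, timedelta, timezone

# Rules stated on this page.
INVITE_TTL = timedelta(days=7)        # invites expire after 7 days
HANDOVER_WINDOW = timedelta(days=30)  # suspend, hand over, then remove
MFA_REQUIRED_ROLES = {"Owner", "Admin"}

# Constructed sample rows; the keys are hypothetical, not a documented export.
SAMPLE = [
    {"email": "owner@example.com", "role": "Owner", "status": "Active",
     "mfa": "Enabled", "status_since": "2024-01-10T09:00:00+00:00"},
    {"email": "admin@example.com", "role": "Admin", "status": "Active",
     "mfa": "Required (missing)", "status_since": "2024-05-20T09:00:00+00:00"},
    {"email": "leaver@example.com", "role": "Member", "status": "Suspended",
     "mfa": "Not required", "status_since": "2024-04-15T09:00:00+00:00"},
    {"email": "new@example.com", "role": "Read-only", "status": "Invited",
     "mfa": "Not required", "status_since": "2024-05-28T09:00:00+00:00"},
]


def review_members(rows, now):
    """Return (email, finding) pairs for rows that need follow-up."""
    findings = []
    for row in rows:
        # Time the row has spent in its current status.
        age = now - datetime.fromisoformat(row["status_since"])
        if row["status"] == "Invited" and age > INVITE_TTL:
            findings.append((row["email"], "invite expired: resend if still needed"))
        elif row["status"] == "Suspended" and age > HANDOVER_WINDOW:
            findings.append((row["email"], "handover window over: remove"))
        elif (row["status"] == "Active" and row["role"] in MFA_REQUIRED_ROLES
              and row["mfa"] != "Enabled"):
            findings.append((row["email"], "privileged role without MFA"))
    # An org cannot lose its last Owner, so a single Owner is a continuity risk.
    owners = [r for r in rows if r["role"] == "Owner" and r["status"] == "Active"]
    if len(owners) == 1:
        findings.append((owners[0]["email"], "sole Owner: promote a second one"))
    return findings


if __name__ == "__main__":
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)
    for email, finding in review_members(SAMPLE, now):
        print(f"{email}: {finding}")
```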
Removing yourself
You cannot remove yourself from an org if doing so would leave the org without an Owner. Promote someone else to Owner first.
Project-level membership
Adding someone to the organization lets them sign in. To let them do anything inside a project, you also need to add them as a project member — open the project, then sidebar → Access → + Add member. See Projects and Roles & permissions.
The flow:
```mermaid
graph LR
  A[Invite to org<br/>Owner / Admin / Member ...]
  B[Add to project<br/>Project Admin / Member ...]
  C[User can do things<br/>inside the project]
  A --> B --> C
```

A user who's a Member of the org but not added to any project can sign in but sees an empty Console with no projects. Sometimes that's what you want (e.g., a Billing user who only needs the org-level Financial pages).
Profile and personal settings
A user's own profile is reachable from User menu → Account. Each user can manage:
- Display name and avatar
- Preferred language and time zone
- Email preferences (which notifications they receive)
- MFA — enrol additional devices, generate recovery codes, revoke a lost device
- Password — change password (only for password-auth accounts)
- Linked identity providers — Google / GitHub / Microsoft links can be added or removed (subject to org policy)
- API tokens — see API tokens & service accounts
- Active sessions — list of currently-active browser sessions with last activity, location, and a per-session Revoke button
The Account page reached from the User menu. Personal settings, MFA, sessions, and API tokens live here.
SSO / federation considerations
If your org uses enterprise SSO (SAML or OIDC against your IdP — see SSO):
- New users are typically provisioned automatically on first sign-in (just-in-time provisioning) using attributes from your IdP
- Their role is decided by your IdP's group mapping (e.g., the `cloud-digit-admins` group → Admin role)
- Password reset and MFA happen at your IdP, not in Cloud Digit
- Suspending a user in your IdP suspends their Cloud Digit access on the next session refresh
Audit trail
Every membership change is recorded in the audit log:
- Invite sent / accepted / declined / expired
- Role change (with before / after values)
- Suspension / unsuspension
- Removal
- Failed sign-in attempts (with IP and reason)
Audit-pack exports include the per-user activity history for the period requested.