User Management
WITHIN SPYCLOUD INVESTIGATIONS MODULE
🧭 Overview
SpyCloud's console lets admins create, review, and maintain the roster of users who can access your organization. Each account record stores the person’s identity (name & email), their RBAC role (Admin or Operator), any licensed Investigations seats applied, and their status (Active, Pending, or Paused). All changes are enforced by SpyCloud’s fine‑grained authorization (FGA) engine, ensuring least‑privilege across UI and API.
📊 Users Table at a Glance
Prerequisite: Admin Role
Navigate to Configuration → Users to view a sortable table of every account in the organization.
| Column | Description |
|---|---|
| Name / Email | Primary identity fields used at sign‑in |
| Role | RBAC role (Admin / Operator) controlling feature access |
| Licenses | Lite / Pro seat assignments (if any) |
| Status | Active (full access) · Pending (invitation sent) · Paused (log‑ins blocked) |
| Actions (⋯) | Edit, Force Reset, Pause, Delete |
👇USERS TABLE
➕ Adding a New User
Prerequisite: Admin Role
- From
Configuration → Usersclick the Add User button in the upper‑right corner - Fill in Name and Email
- Choose an RBAC Role (Admin or Operator)
- Toggle the desired Investigations Lite or Pro license seat
- Click Add User
The user receives an activation email and appears in the table with Pending status until they complete account setup.
👇ADD USER
📶 Understanding Account Status
| Status | Meaning | Typical Scenarios |
|---|---|---|
| Pending | Invitation sent; user has not completed login | Newly added employees |
| Active | Fully provisioned; can sign in and use features | Day‑to‑day analysts |
| Paused | Credentials retained, log‑in blocked | Parental leave, contractor gap |
Admins can toggle between Active and Paused at any time without losing history or seat allocation.
✏️ Editing an Existing User
Prerequisite: Admin Role
- In the Users table, find the user
- Click the ⋯ Options button and select Edit
- Update Name, Email, Role, or License toggles
- Click Save Changes
Updates apply immediately; seat counts adjust when license toggles are changed.
👇EDIT USER
🧯 Advanced User Actions
Prerequisite: Admin Role
Within the Edit User dialog, Admins can access advanced controls:
- Force Password Reset – invalidates current password and sends a reset link
- Pause User – blocks login without deleting history
- Delete User – permanently removes the account and reclaims any assigned license
👇ADVANCED CONTROLS
🧠 Best Practices & Tips
- Use Pause instead of Delete for temporary absences to preserve audit history
- Assign the minimum RBAC role required for each user’s responsibilities
- Review the Users table monthly to off‑board departed staff and reclaim unused seats
Updated 3 months ago