Organization Members

Overview

Users with an Administrator or Manager role can manage Organization Members. They can invite or remove Users from an Organization and manage their permissions through RBAC .

Managing users

Inviting Users to an Organization

An Organization Administrator or Manager can invite new Users to join an existing Organization in the Humanitec Platform Orchestrator. An invitation involves sending an email that contains a one-time link that the invited User can follow to associate the account they use for authentication with the Humanitec Organization. The link will expire after 7 days. If the link has expired before a User has accepted the invite, a new invite can be sent.

  1. Select Organization members from the navigation menu.
  2. In the Email text box on the left-hand side, add the User’s email address you want to invite.
  3. Select a role for the User to invite from the Role dropdown on the right-hand side. You will only have the option to invite Administrators to your Organization if you are an Administrator yourself.
  4. Select Send invite to invite the User.

Add the User as a Manager for an Organization:

humctl api post /orgs/${HUMANITEC_ORG}/invitations \
    -d '
{
  "email": "[email protected]",
  "role": "manager"
}
'

Not yet supported by the Humanitec provider .

Removing Users from an Organization

Users can be removed from an Organization by Organization Administrators and Managers. Organization Managers can only remove Users with the same or less privileged Organization Role. They can’t remove Administrators.

  1. Select Organization members from the navigation menu.
  2. Find the User you want to remove.
  3. Select the trash can icon.
  4. Select Remove user to confirm.

Remove the User from an Organization:

humctl api delete /orgs/${HUMANITEC_ORG}/users/${USER_ID}

Not yet supported by the Humanitec provider .

Managing role assignments

Organization level roles

Only an Organization Administrator or Manager can change the User’s Organization Role.

Only an Organization Administrator can grant an Administrator Role.

  1. Select Organization Members from the navigation menu.
  2. Find the User whose role you want to modify and select Change role.
  3. Select a role you want the User to have from the Role dropdown.
  4. Click Save to apply the changes.

Update User’s Organization level role:

humctl api patch /orgs/${HUMANITEC_ORG}/users/${USER_ID} \
    -d '
{
  "role": "manager"
}
'

Not yet supported by the Humanitec provider .

Application level roles

Only Organization Administrators and Application Owners can grant Application Roles.

Application Roles can be managed in the People tab on the Application Details Screen by adding new Users to the App or changing the roles of already added Users.

  1. Select People tab on the Application Details Screen.
  2. Select + Add members to enter the email address or name of the User to add.
  3. Select a role for the User to add from the Role dropdown.
  4. To add the user, select Add.

Alternatively, Administrators can view and manage User’s Applications level roles from that User’s Details Screen.

  1. Navigate to the User Details Screen from the Organization Members list by clicking on their Name.
  2. In the Applications tab, find the right App and select Change role.
  3. Select a role for the User from the Role dropdown. Choose None if you want to revoke all access from the selected Application.
  4. Click Save to apply the changes.

Obtain the ID of the user, either by using the Web UI or by displaying the list of users:

humctl api get /orgs/${HUMANITEC_ORG}/users

Set the user ID:

export USER_ID=<id>

Set the app ID:

export APP_ID=<id>

Add the user as Developer for the app:

humctl api post /orgs/${HUMANITEC_ORG}/apps/${APP_ID}/users \
  -d '
{
  "id": "'${USER_ID}'",
  "role": "developer"
}
'

Define the user ID and the app ID:

variable "user_id" {
  type  = string
}
variable "app_id" {
  type  = string
}

Define the mapping of the Role developer to the user for an Application:

resource "humanitec_application_user" "application_user" {
  app_id  = var.app_id
  user_id = var.user_id
  role    = "developer"
}

Environment Type level roles

Note that only Organization Administrators can grant Environment Type Roles.

  1. Select the Environment Types from the navigation menu.
  2. Select the Deployers button on the Environment Type you want to configure. This will open a configuration pop up.
  3. On the modal, add the email address or name of the User you would like to add as a Deployer.
  4. Select Done to continue.

Alternatively, Administrators can view and manage Users’ Environment Types’ roles from the User’s Details Screen.

  1. Navigate to the User Details Screen from the Organization Members list by clicking on their Name.
  2. In the Environment Types tab, find the right App and select Change role.
  3. Select a role for the User from the Role dropdown. Choose None if you want to revoke all access from the selected Environment Type.
  4. Click Save to apply the changes.

Obtain the id of the user, either by using the Web UI or by displaying the list of users:

humctl api get /orgs/${HUMANITEC_ORG}/users

Set the user ID:

export USER_ID=<id>

Set the environment type:

export ENVIRONMENT_TYPE=<env-type>

Add the user as Deployer for the environment type:

humctl api post /orgs/${HUMANITEC_ORG}/env-types/${ENVIRONMENT_TYPE}/users \
  -d '
{
  "id": "'${USER_ID}'",
  "role": "deployer"
}
'

Define the user ID and the environment type:

variable "user_id" {
  type  = string
}
variable "env_type_id" {
  type  = string
}

Add the user as Deployer for the environment type:

resource "humanitec_environment_type_user" "environment_type_user" {
  env_type_id = var.env_type_id
  user_id     = var.user_id
  role        = "deployer"
}
Top