Users overview

A user is a person (or service account) that signs into one of your tenant's applications. The Users surface lists every user record in the tenant.

Open Users in the sidebar. By default the list shows these columns: email, name, state, last sign-in, created-at. Filters:

  • State — Active / Disabled / Pending verification.
  • MFA enrolment — Enrolled / Not enrolled.
  • Created — last 7 days / 30 days / any time.
  • Search — substring against email + name + custom attributes.

Multi-select supports bulk actions: disable, enable, force MFA reset, delete (with confirmation).

Click a row to open the user. You see:

  • Header — email, name, state, MFA enrolment badge.
  • Profile tab — email, name, given_name, family_name, locale, picture, custom attributes.
  • Identities tab — every identity attached to this user (password, Google, GitHub, SAML connection X, etc.).
  • MFA tab — every enrolled factor with kind + label + created_at; remove individually.
  • Groups tab — group memberships; add / remove from this page.
  • Sessions tab — active sessions across devices; revoke individually or all.
  • Sign-in history — recent successful and failed sign-ins; useful for incident investigation.
  • Audit summary — every administrative action taken on this user, with actor + timestamp.

Every field on the Profile tab is editable in place. Identity and MFA changes are click-driven; session revocation is one click plus a confirmation.

  • A user can't sign in → check state (Disabled? Pending verification?), check failed sign-in history.
  • A user lost their second factor → Force MFA reset.
  • A user left the company → Disable immediately; consider Delete after the retention window.
  • A user requests their data → export from the audit log + the user record.

A user can have multiple identities. Anita signs up with password; later she links her Google account; later she's federated via SAML through her employer. Three identities, one user record, one set of attributes + group memberships.

The Identities tab on the detail page lists all of them. Each row shows the provider, the external subject ID, the email at the provider, and the linked-at timestamp. You can detach an identity manually if needed (e.g., a federated identity that's no longer authorised).

Users are tenant-scoped. A user in production-cymmetri has no presence in staging-cymmetri. The closest the platform comes to "the same human across tenants" is cross-tenant identity aggregation in the CP admin console — see the CP-side cross-tenant identities topic.