Manage Team Members
Use the Team Members page to view all team members, manage their access, and perform bulk user management actions.
Use it to:
- Invite new users to the team
- Ensure consistent identity policy enforcement across accounts, teams, and login methods
- Enforce SSO by restricting non-admin users from logging in with Coralogix credentials.
- Remove users from the team, one-by-one or in bulk, for onboarding and offboarding cycles
- Reset user passwords
Access the Team Members page
All users have access to the Team Members page. To access it:
- Sign in to Coralogix.
- Open the team you want to manage.
- In the main menu, select Settings, then Team Members.
Select one of the following tabs:
- Current members: Table of all existing members of the team
- Pending invites: Users who have been invited but have not yet joined
Work with the Current members tab
Understand the Current members table
The Current members tab shows one row per user in the team, including your own account. Each column gives specific information:
| Column | Description |
|---|---|
| User | User’s email address. |
| Join date | Date the user was added to the team. |
| Expiry | Date when the user’s access to this team expires, if temporary access has been granted. |
| Login mode | How the user is allowed to sign in. Can be local credentials, SSO, both, or undefined. |
| Roles | User’s assigned permission role or roles in this team (for example, Observability Lead or Data Admin). |
| Groups | User’s group membership. |
To edit a user’s details, select the pencil icon in that user’s row.
Sort and filter the table
You can sort and filter the table to find specific users:
- Select a column header to sort by that column.
- Use filter controls above the table to narrow the list by group.
You can combine filters. For example, you can show only users in a specific group whose access expires soon and who still have local sign-in enabled.
Search for members
Use the search above the table to find members by:
- Full name
- Partial name
- Email address
Search results respect any filters you have already applied.
Manage a single user
On the Current members tab, find the user and select the pencil icon in that user’s row.
Manage group memberships
Add the user to one or more groups, or remove them from existing groups.
Group changes affect a user’s role-based permissions.
Configure allowed sign-in methods
Update the user’s sign-in options.
Select one of the following login modes:
- Local: Allow local Coralogix credentials only.
- SSO: Allow sign-in only through your identity provider.
- Both: Allow both local credentials and SSO.
Note
Once SSO is attached to a user, it follows the user across all teams.
Reset a user’s password
Password reset applies to users who are allowed to sign in with local credentials.
- Select Reset password.
- Confirm the reset.
The user receives instructions to set a new password. The row also shows the last password change date, so you can verify when the password was last updated.
Once a password for a user is reset, it follows the user across their team memberships.
Set or update an access expiry date
The ability to invite temporary users to your team provides you with greater control of access management capabilities and increased security measures. Temporary access is ideal for contractors, auditors, or short-term employees who only need access for a limited period.
Instead of manually tracking access and dates, you can define them in advance using the built-in expiration date feature. This helps ensure that your data is not accessible beyond the user’s active engagement with your organization.
Warning
Team and Send-Your-Data API keys remain valid even after the user’s access expires. Delete the personal API keys of expired users to prevent unauthorized API usage.
If you have not already done so, select Enable temporary access.
Then, do any of the following:
- Set a new expiry date.
- Update the existing date.
- Clear the expiry to give the user ongoing access.
The Expiry column updates with:
- The selected date
- The appropriate badge (Expired, X days, or No expiry)
Remove a user from the team
Removing a user from a team stops their access to that team. It does not affect their membership in other teams or organizations.
- Select the trash icon and then select Remove from team.
- Review the confirmation message.
- Confirm the removal.
The user no longer appears in the Current members table for this team.
Some users (for example, certain organization-level admins) might not be removable directly from the team.
Manage users in bulk
Bulk actions help you manage onboarding and offboarding cycles, as well as enforce policy changes for multiple users at once.
Select users for bulk actions
You can select multiple users based on filters and groups.
- On the Current members tab, filter the table to show the users you want to manage.
- Use group-based filtering and sorting as necessary.
- Select the check boxes next to each user you want to include, or select the header check box to select all users in the current view.
After you select users, use the bulk actions menu to update login mode, set expiry dates, or remove users.
Enforce SSO-only access in bulk
- Filter the table to show the users who must use SSO only.
- Select the users.
- From the bulk actions menu, select Change login method.
- Set Login mode to SSO.
- Save your changes.
All selected users are updated to use SSO-only sign-in, helping you enforce your identity policy consistently.
Note
SSO can only be enforced for team members.
Set expiry dates in bulk
- Select the users whose access should be time-limited.
- From the bulk actions menu, select Change expiry.
- Set a common expiry date for the selected users.
- Save your changes.
The Expiry column shows the new date and the appropriate badges for each user.
Remove multiple users from the team
Use bulk removal for onboarding and offboarding cycles when entire groups of users no longer need access.
- Filter the table to show the users you want to remove (for example, a project group that has finished its work).
- Select the users.
- From the bulk actions menu, select Remove from team.
- Review the confirmation message.
- Confirm the removal.
All selected users are removed from the team.
Invite new users
On both the Current members and Pending invites tabs, use the + Invite users button to add new people to the team through a guided flow that supports quick actions:
- Select + Invite users.
- Enter the user’s email address.
- Assign the user to one or more groups.
- Optional: Select Temporary access and set an initial access expiry date.
- Optional: Select + Add new to invite additional users.
- Select Send.
Coralogix sends an invitation email to each user with instructions to join the team.
Work with the Pending invites tab
Take quick and bulk actions vis-à-vis pending invitees.
Understand the Pending invites table
The Pending invites tab shows one row per invited user in the team. Each column gives specific information:
| Column | Description |
|---|---|
| User | Invitee’s email address. |
| Invite date | Date the user was invited to the team. |
| Groups | Invitee’s group membership. |
| Invited by | Date when the user’s access to this team expires, if temporary access has been granted. |
| Invite channel | The method by which an invitee was invited. |
Cancel invites
To cancel invites:
- Select a user or users.
- Select Cancel invite from a single user row or the bulk actions menu.
- Review the confirmation message.
- Confirm the removal.
Resend invites
To resend invites:
- Select a user or users.
- Select Resend invite from a single user row or the bulk actions menu.
- Review the confirmation message.
- Confirm the removal.
Common scenarios
Enforce SSO-only access for non-admin users
- On the Current members tab, filter by Login mode to find users who still have Local or Both configured.
- Select all matching users.
- Use the Change login mode bulk action.
- Set Login mode to SSO and save.
All selected users must now sign in using your identity provider.
Note
Consider allowing a few users to maintain their local sign-on method at all times, such as break-glass administrators or users who require a fallback in the event that your identity provider is unavailable.
Grant time-bound access to external users using expiry
- Using the + Invite users button, invite external users by email.
- Assign them to a group with limited scope.
- Set an access expiry date that matches the contract or engagement period.
- Choose the appropriate login mode (for example, SSO if they are federated through your identity provider).
- Send the invitations.
Later, you can:
- Return to the Current members tab.
- Filter by Group or Role to find these external users.
- Extend or shorten their expiry dates, or remove them from the team when the engagement ends.
This flow helps you keep access aligned with real-world contracts and reduces the risk of forgotten accounts.
Permissions
To view and manage team members and SSO settings, your role needs the following permissions:
| Capability | Permission |
|---|---|
| Create groups and control user membership and permissions | TEAM-GROUPS:MANAGE |
| View groups, group membership, and permissions | TEAM-GROUPS:READCONFIG |
| View team members | TEAM-MEMBERS:READCONFIG |
| Configure and modify team SSO settings | TEAM-SSO:MANAGE |