DocumentationSecurity & admin
DOCS

User management

Invite users, configure SSO, manage seat licenses, and offboard access across branches and external collaborators.

Read time:
7 min
Updated:
January 2026

Inviting users

Workspace admins invite users by email from Settings → Users. Specify branch, role, and optional team assignment. Invitees receive a link valid for seven days; resend or revoke pending invites anytime.

  1. 1

    Add user

    Enter work email and select branch plus role.

  2. 2

    Optional SSO

    If SSO is enabled, users in your domain auto-join on first login.

  3. 3

    Confirm seat

    Invitation consumes a seat upon acceptance.

Bulk invite

Upload a CSV with email, branch, and role columns for onboarding large teams after go-live.

Single sign-on

Enterprise plans support SAML 2.0 SSO with Okta, Azure AD, Google Workspace, and other identity providers. Configure ACS URL, entity ID, and attribute mapping in Settings → Authentication.

  • Just-in-time provisioning creates users on first SSO login
  • Group mapping assigns roles from IdP group membership
  • Enforce SSO to disable password login for domain users
  • SCIM provisioning available for automated deprovisioning

Seat licensing

Internal users consume seats per your subscription tier. Deactivated users free seats immediately but retain audit history attribution. External collaborators do not consume internal seats.

User states
StateCan log inCounts toward seats
ActiveYesYes
Pending inviteNoNo
DeactivatedNoNo
External guestLimitedNo

Offboarding

Deactivate users when employees leave. Reassign open tasks and owned shipments before deactivation. Orbex Data preserves their name on historical audit entries.

Revoke API keys

Offboarding includes revoking personal API keys. Service account keys require separate review.

User activity audit

Admins export user login history, permission changes, and failed authentication attempts from Settings → Audit. Retention aligns with workspace audit log policy.

Need help? Email hello@orbexdata.com or visit Trust & security.