Prerequisites
You need an administrator (or equivalent) role in the organization to invite users, change org-wide roles, or deactivate accounts. If options are missing, ask your identity admin.Inviting users
Open organization users
Go to Organization → Users (or Settings → Members, depending on your layout).
Send invite
Enter the corporate email, choose an initial organization role, and optional team assignments.
Guest or contractor domains sometimes require explicit approval workflows configured by your admin.
Role assignment
Organization roles set the ceiling for what someone can attempt in the product. Examples common across deployments:| Role | Typical use |
|---|---|
| Viewer | Read pipelines, runs, and catalog entries |
| Member / Editor | Create and edit resources within team scope |
| Admin | Manage users, connections, security settings, and billing contacts (varies) |
Removing users
Transfer ownership
Reassign owned pipelines, connections, and schedules so automation does not stall.
Deactivate or remove
Use Remove or Deactivate per policy. Deactivation preserves audit history; hard removal may be restricted.
Multi-organization membership
Users can belong to more than one Planasonix organization (for example a parent company and a subsidiary project). Each org has:- Its own billing, SSO, and audit configuration
- Isolated connections and secrets
- Separate team namespaces
Email collisions
Email collisions
The same email may map to distinct org memberships; invitations always target a specific org ID.
Service accounts
Service accounts
Create non-human users or API keys per org for CI/CD so pipelines never rely on a human’s cross-org session.
Detailed RBAC
For teams, custom roles, resource sharing, and connection use semantics, use the dedicated guide:Teams and permissions
Team structure, role bundles, sharing pipelines, and auditing access.
Related topics
SSO
Federated sign-in and group mapping.
API keys
Programmatic principals and rotation.