Loading

Manage users

You can invite users to join your organization to allow them to interact with all or specific Elastic Cloud resources and settings. After they're invited, you can manage the users in your organization.

Alternatively, configure Elastic Cloud SAML SSO to enable your organization members to join the Elastic Cloud organization automatically.

Agent skill available

A skill is available to help AI agents with this topic.

Learn more about agent skills for Elastic

Get the skill
Note

Users can only belong to one organization at a time. If a user that you want to invite already belongs to a different organization, that user first needs to leave their current organization, or to use a different email address. Check Join an organization from an existing Elastic Cloud account.

Tip

If you're using Elastic Cloud Hosted, then you can also manage users and control access at the deployment level.

  • Only Organization owners can invite new users to the organization.

  • To assign or modify roles for existing members, your permissions must cover the resources affected by the role assignment:

    • Organization owners can manage role assignments for all members in the organization.
    • Members with the Admin role can view and manage role assignments only for deployments or projects within their scope:
      • Admins scoped to all deployments and projects can manage assignments across all resources.
      • Admins scoped to specific deployments or projects can manage assignments only for those resources.

For more information about role scopes and permissions, refer to User roles and privileges.

To invite users to your organization:

  1. Log in to Elastic Cloud.

  2. From the navigation menu, select Organization > Members.

  3. On the Members page, click Invite members.

  4. Enter the email addresses of the users you want to invite in the email field.

    To add multiple members, enter the member email addresses, separated by a space.

  5. If desired, assign roles to the users so that they automatically get the appropriate permissions when they accept the invitation and sign in to Elastic Cloud.

    You can grant access to Elastic Cloud Hosted deployments, Elastic Cloud Serverless projects, or connected clusters, either to all resources or scoped to specific ones. For more details, refer to User roles and privileges.

  6. Click Send invites.

    Invitations to join an organization are sent by email. Invited users have 72 hours to accept the invitation before it expires. If the invite has expired, an admin can resend the invitation.

On the Members tab of the Organization page, you can view the list of current members, including status and role.

In the Actions column, click the three dots to edit a member’s role, or revoke an invite, or remove a member from your organization.

You can also manage members of your organization using the Elastic Cloud API.