User Management
User management is the foundation of access control in the platform. From the Admin > Users page you can view every user account in the system, create new accounts, edit existing ones, reset passwords, deactivate accounts, and review per-user activity logs.
Permissions Overview
Each action in the user management area is governed by a dedicated permission:
| Action | Required Permission |
|---|---|
| View the user list and user details | Users.View |
| Create a new user account | Users.Create |
| Edit user details (name, email, role) | Users.Update |
| Deactivate or delete a user account | Users.Delete |
If you do not see the Users option in the Admin sidebar, your role does not include the Users.View permission. Contact a system administrator to request access.
Viewing All Users
Navigate to Admin > Users to see the full user list.
User List Columns
| Column | Description |
|---|---|
| Name | The user's full name (first name + last name). Click to open the user detail page. |
| The email address used as the login username and for all system communications. | |
| Role | The system role assigned to the user (e.g., Admin, Scheduler, Travel Coordinator). |
| Status | Active or Inactive. Inactive users cannot log in. |
| Last Login | The date and time of the user's most recent successful login. |
| Created | The date the account was created. |
Searching and Filtering
- Search bar -- type any part of the user's name or email to filter the list in real time.
- Role filter -- use the role dropdown to show only users with a specific role.
- Status filter -- toggle between All, Active, and Inactive users.
- Sort -- click any column header to sort ascending or descending.
Adding a New User
- Click the Add User button at the top-right of the user list.
- Fill in the required fields in the New User form:
| Field | Required | Description |
|---|---|---|
| First Name | Yes | The user's given name. |
| Last Name | Yes | The user's family name. |
| Yes | Must be a valid, unique email address. This becomes the login username. | |
| Role | Yes | Select one of the available system roles. See Roles & Permissions for details on each role. |
- Click Save.
- The system sends a welcome email to the new user containing:
- The login URL
- Their email address (username)
- A temporary password
- Instructions to complete first-time login and MFA enrollment
Double-check the email address before saving. If the email is incorrect, the user will never receive their invitation. You can edit the email after creation, but a new welcome email will not be sent automatically -- you will need to trigger a password reset.
Validation Rules
- Email uniqueness -- no two active users can share the same email address. If you attempt to create a duplicate, the system displays an error.
- Email format -- the email field validates against standard email formatting rules.
- Name length -- first and last names must each be between 1 and 100 characters.
Editing a User
- Click on a user's name in the user list to open their detail page.
- Click the Edit button.
- Modify any of the following fields:
- First Name
- Last Name
- Email -- changing the email changes the user's login username. The user will be notified at both the old and new email addresses.
- Role -- changing the role immediately updates the user's permissions. The user does not need to log out and back in; permission changes take effect on the next page navigation or API call.
- Click Save to apply the changes.
Changing a user's role is an immediate and significant action. If you downgrade a user from Admin to a less-privileged role, they will lose access to admin features on their very next action. Make sure to communicate role changes to the affected user.
Resetting a User's Password
If a user cannot log in due to a forgotten password, an administrator can trigger a password reset:
- Open the user's detail page.
- Click Reset Password.
- Confirm the action in the dialog.
- The system sends a password reset email to the user's registered email address containing a secure, time-limited link.
How the Reset Link Works
- The link is valid for 24 hours.
- The link can only be used once. After the user sets a new password, the link is invalidated.
- If the link expires, the admin must send a new reset. The user can also use the Forgot Password link on the login page to self-serve.
The system does not reveal the user's current password. There is no way to view or recover an existing password -- only to replace it.
Deactivating a User
Deactivating a user prevents them from logging in while preserving their data and history for auditing purposes.
- Open the user's detail page.
- Click Deactivate.
- Confirm the action in the dialog.
What Happens When a User is Deactivated
- The user's status changes to Inactive.
- If the user is currently logged in, their session is terminated immediately.
- The user cannot log in again until reactivated.
- All historical data (audit logs, actions taken, assignments made) is preserved.
- The user's email address remains reserved -- you cannot create a new account with the same email until the deactivated account is permanently deleted or the email is changed.
Reactivating a User
To reactivate a deactivated user:
- Filter the user list to show Inactive users.
- Open the deactivated user's detail page.
- Click Reactivate.
- The user's status returns to Active and they can log in again with their existing credentials.
Deactivation is reversible; deletion is not. When a team member temporarily leaves the project or goes on leave, deactivation is the recommended approach.
Viewing User Activity and Audit Log
Each user's detail page includes an Activity tab that shows a chronological log of all actions taken by that user.
Activity Log Columns
| Column | Description |
|---|---|
| Timestamp | The date and time the action occurred, displayed in the viewer's local time zone. |
| Action | The type of action performed (e.g., Login, Create Event, Update Caregiver, Export Report). |
| Entity | The object affected by the action (e.g., Event "Hurricane Response 2026", Caregiver "Jane Doe"). |
| Details | Additional context about the action, such as field changes (before/after values). |
| IP Address | The IP address from which the action was performed. |
Filtering the Activity Log
- Date range -- select a start and end date to narrow results to a specific time window.
- Action type -- filter by specific action types (e.g., show only Login events, or only Create/Update actions).
- Search -- free-text search across all columns.
The per-user activity log is a subset of the system-wide Audit Logs. Administrators who need to search across all users should use the full audit log instead.
Best Practices
- Use descriptive names -- enter full legal names so that audit logs and reports are unambiguous.
- Assign the least-privileged role -- follow the principle of least privilege. Give users only the permissions they need to do their job.
- Regularly review user accounts -- periodically audit the user list to deactivate accounts for people who have left the organization or no longer need access.
- Communicate role changes -- always inform a user before changing their role, especially if permissions are being reduced.
- Monitor login activity -- review the Activity tab for unusual login patterns (e.g., logins from unexpected IP addresses or at unusual hours).
Next Steps
- Roles & Permissions -- understand the six system roles and how permissions work.
- System Settings -- configure security policies that affect user accounts, such as password complexity and session timeouts.
- Audit Logs -- view the system-wide activity log.