The Access management screen helps you manage:

  • The team of users allowed to access your subscription and its databases.
  • The API keys that authenticate application access to your account.
  • Single sign-on (SSO) with SAML.

Here, you learn how to manage your team’s users and control their level of access.

For help managing API keys, see Manage API keys.

Manage team access

The Team tab lets you manage the people allowed to access your account. Each authorized person is assigned to a role that specifies their privileges.

The Access management tab helps you manage the people allowed to access your subscription.

The list contains one entry summarizing the team settings for each user in your team. By default, the list includes the account owner.

The list includes several buttons and icons to help you manage the list:

Icon Description
Use the Add button to add members to your team. The Add button lets you add members to your team
Use the Edit button change details for a team member. The Edit button lets you edit the settings for the selected team member
Use the Delete button to remove a member from your team. The Delete button lets you remove members from your team
Use the Filter button to display team members that match specified conditions. Filter icons let you display team members matching conditions you specify
The Sort ascending button displays members in ascending order according to the values of the selected field. The Sort descending button displays members in descending order according to the values of the selected field. The Sort ascending and Sort descending icons display the list according to the selected order

If you have a large team, you can use the controls in the list footer to navigate quickly through the list. These controls are deactivated for small teams.

Add user

When you add a member to your team, the Add user dialog appears.

Use the Add User dialog to specify the details for your new user.

Use the dialog to specify these values.

Setting Description
First name First name of the user displayed in the admin console and in email messages
Last name Last name of the user displayed in the admin console and in email messages
Role The role identifies their subscription and account privileges. For details, see Team management roles.
Email The address used for alerts and other email messages regarding the account
Alert emails Enable to be notified when subscription databases cross certain thresholds, such as exceeding memory limits or latency requirements
Operational emails Notifications about subscription and database changes, such as creating or deleting a database
Billing emails Notifications when bills are issued, paid, and so on.
Note: Limited to a single user.
Multi-factor authentication Whether MFA is enabled for the member. This is deactivated when members have not enabled or confirmed MFA in their user profile settings.

Use the Add user button to save your new team member details.

Edit user

To edit user team details, select the user from the list and then select the Edit button. The Edit user dialog displays the details you can change.

Use the Edit User dialog to change the details for a user

You can change any detail except the team member’s email address.

Select Save user to save your changes.

Delete user

To remove a member from your team, select them from the list and then select the Delete button. A confirmation dialog appears.

Confirm that you want to remove a user from your team

Select Delete user to confirm removal. This is a permanent action that cannot be undone.

Team management roles

Each team member is assigned a role that identifies their privileges and limits their activities in the admin console.

Roles and responsibilities are:

  • Owner can view, create, and edit any settings in the account.

    Each subscription must have at least one account owner. Accounts can have multiple owners.

    Owners can also manage subscriptions, databases, and API keys.

  • Manager can view, create, and edit any setting in the subscription.

    Managers can change subscription costs and change payment methods associated with a subscription, but they cannot add or remove available payment methods.

  • Member can view, create, and edit databases in Fixed accounts.

    Members cannot impact costs associated with Flexible accounts, which means they cannot create databases or edit databases in ways that impact subscription cost.

  • Viewer can view all databases and their configurations, including database secrets.

This table shows each role’s ability to perform common tasks using the admin console.

Task Owner Manager Member Viewer
Access management ✅ Yes ❌ No ❌ No ❌ No
Account settings ✅ Yes ❌ No ❌ No ❌ No
Billing & payments ✅ Yes ❌ No ❌ No ❌ No
Create subscription ✅ Yes ✅ Yes ❌ No ❌ No
Create database (Flexible) ✅ Yes ✅ Yes ❌ No ❌ No
Edit database (affects cost) ✅ Yes ✅ Yes ❌ No ❌ No
Create database (Fixed) ✅ Yes ✅ Yes ✅ Yes ❌ No
Edit database (no cost impact) ✅ Yes ✅ Yes ✅ Yes ❌ No
View subscription ✅ Yes ✅ Yes ✅ Yes ✅ Yes
View database ✅ Yes ✅ Yes ✅ Yes ✅ Yes