Skip to main content

Cloud

User management

This section describes how to manage users for your organization.

About users

You add local users so that other members of your organization can use Illumio Cloud capabilities for their zero-trust segmentation programs. Some users have owner privileges, meaning that those users can perform the same tasks . All Illumio Cloud users are assigned a Cloud Security administrator role that provides them access to all the capabilities in the product, including the ability to invite additional users. Servers & Endpoints administrative users are able to see the Access Restriction menu item.

You create local users in Illumio. You do not manage them outside the product using an IdP.

When you become a customer or trial user, you must sign in to add or remove users. For more information, see Signing In.

This first user then sets up additional users. All users can add local users to their organization. Once a user is added to Illumio, they will need to complete their setup through the Okta activation process.

Add users

Only users with an owner role can add other users.

  1. From the left navigation, choose Access > Users. The list of users added to your organization appears.

  2. Click Add. The Add User dialog box appears.

  3. Enter the user's name. Only users see their name displayed in the UI when they sign in.

  4. In the Add User dialog box, enter the user's email address and click Add.

    The email address domain must match the domain used by your organization.

    The new user enters this email address when they sign in.

    Illumio uses this email address in the UI. It displays the user's email address to track user actions in the Events page.

The Add User dialog box closes and the list of users refreshes with the new user.

What happens next?

After you add a user, they receive an email from the Okta service with the subject “Welcome to Okta!” This email provides information about how the user can activate their Okta account. Illumio utilizes Okta to provide multi-factor authentication.

In addition to the local user account created in Illumio, users have access to an Okta dashboard where they can manage the security that Okta provides for sign-in. The Okta email includes a link to the user's Okta dashboard.

To access your user Okta dashboard, go to your Okta email and locate the URL in the line beginning with “Your organization's sign-in page is….”

For the next steps, see Signing In.

Delete users

Only users with an owner role can delete other users. However, they cannot delete their own user accounts. Not all users have administrative privileges, as role-based access is possible for Servers & Endpoints users who are not owners.

When a customer or trial user is provisioned access, there is a primary security administrator email that is associated with that account. This user cannot be deleted.

To delete users:

  1. From the left navigation, choose Access > Users. The list of users added to your organization appears.

  2. Select the users you want to delete.

  3. Click Remove. The Remove User confirmation dialog box appears.

  4. Confirm that you are removing the correct users and click Remove.

Add or remove roles

To add or remove roles, see Role-Based Access Control.