User Management
Last updated
Was this helpful?
Last updated
Was this helpful?
Copia makes a distinction between "Primary" and "Non-primary" organization members. Copia also enables organization administrators to control access to Copia for their Primary Organization members via deprovisioning and reprovisioning.
Every Copia user has one Primary Organization. Users become Primary Organization members when they are created by an organization (via email invitation or Directory Sync). Primary membership in an organization means the following:
Primary Organization members use the SSO portal associated with their primary organization.
SSO requirements for a user are determined by their Primary Organization's settings.
Administrators of an organization can deprovision and reprovision Primary members.
If a user needs to be assigned to a different Primary Organization, reach out to customer support.
Non-Primary members are any organization members that are not Primary members - they are Primary members of another organization.
These members are not subject to your organization's SSO requirements, so you should more carefully audit them. To make this easier, non-Primary membership is highlighted in team and organization UIs, and non-Primary members are always displayed above Primary members in the members section.
Organization administrators can "deprovision" Primary members, which prevents them from logging into Copia. As such, deprovisioned members do not count towards your seat limit.
Deprovisioned members cannot log in to Copia, but deprovisioning a member does not delete their account - it is both non-destructive and reversible.
Non-destructive means the work (commits, PRs, etc.) of deprovisioned users isn't lost, nor are deprovisioned users removed from teams. Reversible means members can be reprovisioned.
The following methods allow Organization administrators to manually deprovision / reprovision members. Copia recommends setting up Directory Sync to enable automatic deprovisioning / reprovisioning of members based on Identity Provider events.
Organization administrators can deprovision and reprovision primary members from the members section:
Organization administrators can also deprovision or reprovision primary members from the "Administrative Actions..." dropdown on the user's profile page:
If using Team Mapping, your organization membership will be controlled exclusively via your Identity Provider, and you will not have the option to add or remove users in Copia.
To add a new user to Copia, you'll need to invite them to a specific team within the organization. First, navigate to the "Members" section of the home page.
Once in the Members view, click on the Invite New Member button. This option will only be available to users who are part of the Owners team.
Enter the user's email address, Initial Team, and (if not using Single-Role teams) team privileges for the new individual. Click Send Invitation to continue.
Copia recommends that you do not invite new users directly to the Owners team until after verifying they have joined your organization, as the Owners team has access to dangerous operations (like deleting the entire Organization).
An invitation email will automatically be sent to the invitee. Their account will appear in the Members tab in a pending state until they complete registration. If you'd prefer to cancel the invitation, simply click the Cancel Invitation button. Whenever they complete registration, the new Member will be added to your Organization and their account will move from the Pending Users tab to the All Users tab.
There is one other mechanism aside from email invitations for adding new Members to your Organization - Directory Sync (SCIM). See the instructions for more details.
If you set up Directory Sync (SCIM), users lose access to your organization automatically when you remove them in the Identity Provider.
If you have not set up Directory Sync and you need to remove a user's access to your organization (for example, if the employee leaves your company), you should remove the user's access manually.
If you remove a Member's access to an Organization, their work will not be deleted. Everyone who has viewing privileges on the repository they worked on can still see it. So if only one Team of many in your Organization has access to a specific repository, everyone on that Team will still be able to see the removed user’s work on that repository, but users in a separate Team will not. This is the same behavior regardless of whether a user has been removed or not.
To remove a Primary member's access to Copia, you should deprovision them as described above.
All Copia users (even deprovisioned ones) have a primary organization, which is why you cannot remove primary members from your organization.
Organization admins cannot deprovision non-Primary members of their organization, since the lifecycle of those users is controlled by their Primary organization. Instead, you should remove them from the organization:
Find the user in the list, and click Remove from Org.
