User and role management

Learn ways to manage users and roles in Cloud Observability.


Cloud Observability offers several ways to manage users and roles. The different features and integrations give you the following:

Features and integrations

This section lists Cloud Observability’s features and integrations for managing users and roles. The information is organized by function and links to setup guides to help you get started.

Not sure where to start? Visit Plan your workflow for four common setups.

Authenticating users

To securely manage Cloud Observability users, use SSO or manually invite users in the Cloud Observability UI.

With SSO, an IdP – for example, Okta – authenticates users. Users then log into Cloud Observability with their IdP credentials. Cloud Observability supports SSO with OAuth2 and SSO with Security Assertion Markup Language (SAML).

Creating users

Cloud Observability has several options for creating Cloud Observability users.

If you’re using SSO, automate user creation with JIT provisioning or use Okta and SCIM. You can also create users in bulk with the Cloud Observability API.

If you’re not using SSO, create users by manually inviting them in the Cloud Observability UI.

Assigning roles

RBAC lets you manage what users can do in Cloud Observability through roles and permissions. There are several ways to work with Cloud Observability’s RBAC.

If you’re using SSO:

If you’re not using SSO, assign roles in the Cloud Observability UI or with Terraform.

Deleting users

To securely delete Cloud Observability users, use the Cloud Observability API or Cloud Observability UI.

Plan your workflow

There are many ways to manage users and roles in Cloud Observability. The chart below shows four common workflows, covering SSO, creating users, assigning roles, and deleting users.

Workflows for managing users and roles

See also

Roles and permissions

Set up JIT provisioning

Manage users and roles

Updated Jan 29, 2024