User management UI and common tasks

This doc explains how to find and use the user management UI and how to do some common user management tasks.

User management UI

To find your New Relic organization's user management options: From the user menu, select Administration. Here are the user management-related UI pages you can find there:

• User management (link to UI): Use this to add users, update user type, manage users' groups, approve user upgrade requests, and control session settings.
• Access management (link to UI): Use this UI to view, create, and manage groups and roles.
• API keys: Use the API keys UI to view and manage your users' API keys.
• Domain capture: Use domain capture to route your users into the right place when they attempt to sign up for New Relic. Learn more about domain capture.
• Authentication domains (link to UI): Use this to control how your users are added (from New Relic or from an identity provider), how they log in (manually or via SAML SSO), and more. For details, see Authentication domains.

For tips on managing users, see Common tasks and our User management videos.

Requirements

The easiest way to see what your user management permissions are is to go to the user management UI and see what you have access to.

Some user management requirements and restrictions:

• This doc explains how to manage users on our newer user model.
• To add and edit groups and roles, your organization must have Pro or Enterprise edition.
• Permissions-related requirements:
  • Requires a user type of core user or full platform user.
  • Most user management capabilities require the organization- and authentication domain-related administration settings.
• To avoid configuration conflicts, try to ensure that only one person in your organization is managing users at a time.

User management UI

Here's a screenshot of the User management UI. We'll explain the column headers below.

• Name: The user's name.
• Email: The user's email address. Some notes on messages you may see present:
  • Pending: This user is added to New Relic but hasn't yet logged in for the first time. Note that even in the Pending state, users are still considered provisioned: this means if they have a billable user type they are billable.
  • This icon indicates Pending invite approval. These users are not yet billable. For more on how inviting teammates works, see Add users.
• Type: The user's user type.
• Groups: The groups that a user belongs to.
• Last active: The last date a user was logged into New Relic. It does not track API activity performed with a user's user key. Last active can be useful for deciding to downgrade a user to a lower user type.
• ID: A user's New Relic-assigned ID.

Tips on common user management tasks

Here are some user management tasks you might want to do:

Add users

There are a couple ways to add users:

• Add users: Go to the User management UI and select Add user. Note that adding users directly to New Relic means users with a billable user type are immediately billable, regardless of whether those users are Pending and haven't yet logged into New Relic.
• Invite users: Go to the user menu and click Add user. Details on inviting users:
  • If you have Authentication domain permissions, this takes you to the Add users UI, where you can add users directly.
  • If you don't have that permission, you can invite a teammate. This requests review by an admin of that user being added to New Relic. Pending invites that haven't been reviewed are marked as Pending invite approval in the user management UI. When an admin reviews an invited user, they complete the Add user workflow and that user is considered added in New Relic.

Other notes for adding users:

• You can also use our NerdGraph API to add and manage users.
• If you're using automated user management, you can only add users from your identity provider.

Edit users' user type

Before changing your users' user type, we recommend you understand:

• How to decide a user's user type
• How billable users are calculated
• User downgrade rules
• If you're using automated user management, you have other options for managing user type.

To change the user type of one or more users from the UI:

1. From the User management UI, click the checkboxes for the users whose user type you want to edit.
2. Once you start selecting users, an option will appear for Edit type.

You can also edit the user type and group of a specific user by clicking on that user.

For how to use our API to manage user information, see Manage users with NerdGraph.

To manage how users upgrade their user type, see the authentication domain settings.

Bulk edit users

To edit settings for multiple users at a time:

1. Go to the User management UI and select the checkboxes for the users whose group or user type you want to edit.
2. Editing options will appear at the top of the UI.

Note: if you're using automated user management, groups must be edited from your identity provider.

Delete users

To delete users: go to the User management UI and select the checkboxes of one or more users. Then click Delete users.

Export a spreadsheet of users

To export a list of all users and their details (names, email addresses, current user type, groups, user ID): From the User management UI, click the download icon beside the Add user button. There's an option for downloading a list of all users in that authentication domain.

Alternatively, to export a subset of users, first select the users you want to export, and then hit the download button.

Give users access to accounts and roles

See our user management tutorial.

Create new custom groups and roles

See the user management tutorial.

Set up SAML SSO and/or SCIM provisioning

See Get started with SAML SSO or SCIM.

Grant users ability to manage other users

To grant your users the ability to manage other users, you'll need to add users to a group that has the Authentication domain settings. The two main ways to accomplish this are:

• From the User management UI, you can add a user to the default Admin group, which has those settings enabled.

  OR

• You can create a custom group and give it those settings. For a tutorial on common user management tasks, see the user management tutorial.

Control how users upgrade their user type

See the authentication domain settings.

Use our API

To use our API to manage accounts and users, see our NerdGraph tutorials.

Track changes

To see an audit log of changes to your account, including user management actions, you can query the NrAuditEvent.