To find your New Relic organization's user management options: From the user menu, select Administration. Here are the user management-related UI pages you can find there:
User management (link to UI): Use this to add users, update user type, manage users' groups, approve user upgrade requests, and control session settings.
Invitation approval: This is where you can approve users to be added to New Relic. These users are not yet considered provisioned and are not billable.
API keys: Use the API keys UI to view and manage your users' API keys.
Domain capture: Use domain capture to route your users into the right place when they attempt to sign up for New Relic. Learn more about domain capture.
Authentication domains (link to UI): Use this to control how your users are added (from New Relic or from an identity provider), how they log in (manually or via SAML SSO), and more. For details, see Authentication domains.
The easiest way to see what your user management permissions are is to go to the user management UI and see what you have access to.
Some user management requirements and restrictions:
To add and edit groups and roles, your organization must have Pro or Enterprise edition.
Permissions-related requirements:
Requires a user type of core user or full platform user.
Most user management permissions require the organization- and authentication domain-related administration settings.
To avoid configuration conflicts, try to ensure that only one person in your organization is managing users at a time.
UI details
Here's a screenshot of the User management UI. We'll explain the column headers below.
Name: The user's name.
Email: The user's email address. For users with Pending: This user has been added but has not yet verified their email. Even in the Pending state, a user is considered provisioned and is therefore billable if they're a core or full platform user.
Last active: The last date a user was logged in to the platform. (This does not track use of our APIs that require a .) This can be useful for deciding to downgrade a user to a lower user type.
ID: A user's New Relic-assigned ID.
For information about the groups that users are in, you can download a TSV file from the UI or use NerdGraph.
Tips on common user management tasks
Here are some user management tasks you might want to do:
To learn about your users, go to the User management UI and examine specific users for details. You can also go to the Access management UI to examine groups: the roles those groups have, and the users in each group.
To see all your users and their group memberships, you can use NerdGraph.
Note that adding users directly to New Relic means users with a billable user type are immediately billable, regardless of whether those users are Pending and haven't yet logged into New Relic. Options for adding users via the user management UI include:
If you don't have that permission, you can invite a teammate. This requests review by an admin of that user being added to New Relic. Pending invites that haven't been reviewed are marked as Pending invite approval in the user management UI. When an admin reviews an invited user, they complete the Add user workflow and that user is considered added in New Relic.
There are two options for giving your users the ability to manage other users:
The authentication domain settings grant users organization-wide capabilities related to managing users, groups, and authentication domains.
The Group admin role is much more constrained: it gives users the ability to add and remove users for a specific group.
To give organization-wide user management abilities, you can add a user to the default Admin group, which has those settings enabled. You can also create a custom group and give it those settings.
To delete users: go to the User management UI and select the checkboxes of one or more users. Then click Delete users.
To export a list of all users and their details (names, email addresses, current user type, groups, user ID): From the User management UI, click the download icon beside the Add user button. There's an option for downloading a list of all users in that authentication domain.
Alternatively, to export a subset of users, first select the users you want to export, and then hit the download button.