Nembl
Admin Guide
Identity & Access
Users

Users

The Users page is the IAM admin view of every human member of your Company. Use it to invite new members, change Role assignments, look up someone's access, or deactivate a departing employee.

Open from Admin → IAM → Users.

What's shown per row

  • Name + avatar
  • Email — primary email (the one used for sign-in)
  • Username — the unique handle in this Company
  • StatusACTIVE, INVITED (sent invitation, not accepted), DEACTIVATED
  • Roles — direct Roles plus any inherited via Groups / Teams
  • Last sign-in — useful for spotting dormant accounts
  • Actions — open detail, deactivate, resend invite

The list is searchable and filterable by status.

Inviting a user

  1. Click Invite User
  2. Enter their email + (optional) display name
  3. Pick the Role(s) they should hold from the start
  4. Optionally assign them to a Team or Group
  5. Send

Nembl emails them an invitation with a single-use token. They click through, set their password, and land in your Company.

For domain-wide invites (e.g. anyone with @acme.com) see Members & Invitations.

User detail page

Clicking a user opens their detail page with:

  • Profile — name, email, timezone, theme (read-only here; the user manages their own Profile)
  • Roles — direct assignments
  • Group memberships — groups they belong to
  • Team memberships — teams they're on, with their role on each (e.g. Member, Lead)
  • Activity — a slice of the audit log scoped to this user
  • Sessions — currently active sessions; admins can revoke

Direct vs inherited Roles

A user gets Permissions through direct Role assignments AND through Groups and Teams they belong to. The detail page shows both with a source indicator so you can tell where each Role came from.

To remove a Role you typically remove it at its source — if it came from a Group, edit the Group; if it's direct, remove it from the user's profile.

Deactivating vs deleting

  • Deactivate is the safe default. The user can no longer sign in; their historical actions stay attributed to them in the audit log; their email is held so you don't accidentally lose history if they return.
  • Delete is permanent. The user row is removed; their actions are anonymized to "Deleted user". Reserve for compliance / right-to-erasure requests, not routine offboarding.

Related

RecipesRoles & Permissions