Manage Team

Manage user access and roles within your Entity.

Any user accessing the Paxos Dashboard must be authorized and assigned one or more Roles, each of which consists of specific permissions that control access to various actions. Paxos provides a set of predefined roles that are available as soon as you sign up and onboard a new Entity.

• To view, search and manage user access: Admin > Team Management > Users.
• To audit the list of permissions associated with a Role: Admin > Team Management > Roles
• To disable user access or change Roles, use the Edit Status dropdown in the User Actions menu at Admin > Team Management > Users.

Passkey-Based Login

demo

Entity Managers can manually invite users and assign their roles. Each user receives an email with a verification code and a link to set up their passkey and sign in.

note

Users can have different roles across different Entities. When inviting users, it is recommended to provide organization-specific instruction on the proper use and storage of passkeys.

We recommend using tools like iCloud Keychain, Windows Hello, Google Account, 1Password, Proton Pass, or other third-party password manager that enables passkey sync across devices.

Follow these steps to invite users to your entity:

1. Go to Admin > Team Management
2. Click Invite Users
3. Enter one or more emails and select a role from the dropdown.
4. Click Invite Users

Users are marked as Active once they log into the Dashboard.

Entity Managers can also modify User Roles as needed:

1. Go to Admin > Team Management>Users
2. Click on the Edit Role icon next to a user.
3. Select one or more roles from the dropdown.
4. Click the Save icon next to the dropdown.

SSO-Based Login

demo

Interested in using SSO?

Paxos supports SAML and OIDC supported Identity Providers. Contact Support to get started.

When using Single Sign-On (SSO), instead of inviting users individually, an Entity Manager uses the Role Mapping interface to map Roles to user groups within your organization's Identity Provider (i.e., Okta, Azure AD).

Typically, you work with your IT team to leverage existing groups; however, you may need to add new Identity Provider groups to match your expected Dashboard workflows. Once you map the group to an existing Dashboard Role, the next time users sign in with SSO their permissions will update.

Follow these steps to map Identity Provider groups to Paxos Dashboard Roles:

1. Go to Admin>Team Management>Mapping.
2. Click Add Mapping.
3. Enter the Group Name exactly as it appears inside your Identity Provider’s configuration.
4. Enter one or more Roles to associate with this Group.

Any user with a user attribute that contains the Group will automatically be assigned the associated Role on login.