User Management

TelemetryOS supports multi-user accounts where team members access shared organizational resources with role-based permissions. This enables teams to manage deployments without sharing credentials, maintaining individual accountability and granular access control.

User Capacity

Account plans include user capacity limits that vary by subscription tier. The Billing & Limits section on the dashboard displays current limits and usage.

When user limits are reached, expansion requires a subscription tier adjustment or coordination with TelemetryOS Support. Reseller-managed accounts coordinate capacity adjustments through their reseller partner.

Accounts below device limits support additional devices through pairing or provisioning.

Adding Users

TelemetryOS provides three user creation methods. The user invitation interface is located under User Invites in the Settings section.

Email Invitation

Email invitations let users set their own passwords without administrator involvement. Click INVITE, enter the user's email address, assign one or more groups, then click INVITE USER. The invited user receives an email with a time-limited activation link to establish their password and verify their account.

Group assignment determines permission scope and resource visibility — administrators can constrain access to specific device organizations, content types, or system features through group-based permissions. Unactivated invitations expire after a defined period and require re-invitation.

Manual Credential Creation

Manual creation uses the same INVITE interface but includes additional fields: email address, first name, last name, password, and group assignments. This approach provides immediate account access without requiring the user to complete an email-based setup flow.

Manual provisioning is useful for emergency account creation, service accounts, or environments where email reliability makes invitation workflows impractical. Administrators are responsible for communicating credentials securely through out-of-band channels.

Team Login (Enterprise)

Team Login enables bulk user provisioning with Single Sign-On integration, supporting large-scale onboarding through identity provider integration rather than individual account creation. This feature is available on Enterprise plans only.

User Lifecycle

Profile Management

User profiles contain identity information (name, email) and group memberships. Group membership changes take effect immediately. Email address updates affect authentication — users must authenticate with their current email address even while profile updates are pending.

Password Resets

Administrators can initiate password resets when users lose access or when security incidents require credential rotation. Reset workflows generate new passwords that administrators communicate to affected users. Users should change administrator-assigned passwords after regaining access.

Activity Monitoring

User accounts maintain activity logs including authentication timestamps, source IP addresses, authentication methods (password, SSO, API token), and account creation metadata. This audit data supports security investigations, inactive account identification, and compliance evidence for access control requirements.