Skip to content

Managing Users

User management in Devici allows administrators to control who can access the platform and how users participate in threat modeling activities.

Administrators can invite new users, disable existing accounts, or permanently remove users when needed.

Overview

Only users with administrative permissions can manage users in Devici.

From the Users section, administrators can:

  • Invite new users
  • View user status
  • Disable user accounts
  • Delete users from the organization

User management settings are accessed from the Settings menu, available by selecting the profile icon in the bottom-left corner of the screen.

Inviting Users

To invite a new user:

  1. Navigate to the Users section in Settings.
  2. Select Add User.
  3. Enter the user’s email address.
  4. Select Create.

After the invitation is sent:

  • A confirmation message appears in the lower-left corner of the screen
  • The user receives an email invitation
  • The user’s status is shown as Invited until they accept and log in

User Status

Users may appear in one of the following states:

  • Invited — The user has been invited but has not yet logged in
  • Active — The user has accepted the invitation and can access the platform
  • Disabled — The user account is deactivated and cannot access Devici

Disabling and Deleting Users

Administrators can remove user access in two ways, depending on the situation.

Disabling a User

Disabling a user:

  • Deactivates the user’s account
  • Prevents login and platform access
  • Preserves all associated data

This option is recommended when access needs to be temporarily revoked or reviewed.

Deleting a User

Deleting a user:

  • Permanently removes the user from the platform
  • Permanently deletes the user’s account
  • Cannot be undone

Important
Deleted users and any associated ownership cannot be recovered.

How to Disable or Delete a User

To disable or delete a user:

  1. Navigate to the Users section in Settings.
  2. Select the three-dot menu next to the user’s name.
  3. Choose Disable or Delete.

For deleted users only:

  1. Reassign ownership of any collections or threat models owned by the user to another user.
  2. Confirm the action.

Deletion cannot be completed until all owned collections and threat models are reassigned.

Best Practices

  • Disable users first when access may be needed later
  • Reassign ownership before deleting users
  • Periodically review active users to maintain least-privilege access

Effective user management helps maintain security, accountability, and continuity across your threat modeling efforts.