Skip to content

User Management

Tenant administrators manage who can access Monozu and which groups grant permissions.

Prerequisites

Section titled “Prerequisites”
  • settings.users.manage and settings.users.read (Admin has full access)
  • module.settings

Invite a user

Section titled “Invite a user”

  1. Open SettingsUsers (/settings/users).

  2. Click Invite user and enter email address.

  3. The user receives an email with a link to /invite/:token to set password or complete SSO onboarding.

  4. Assign groups that define module and resource permissions — see Groups & Roles.

MFA

Section titled “MFA”

Users enroll TOTP MFA at /mfa-setup when required. MFA is enforced on login and sensitive VPN operations per tenant policy.

Auth modes

Section titled “Auth modes”
ModeBehavior
StandardEmail/password and/or Entra ID SSO
RestrictedSSO only + email domain allowlist

Configure tenant auth under Settings → Authentication and Entra ID SSO.

See also

Section titled “See also”