Skip to main content

Documentation Index

Fetch the complete documentation index at: https://altostrat.io/docs/llms.txt

Use this file to discover all available pages before exploring further.

User and team management controls who can access your SDX resources and what they can do. A clean access model keeps operations fast while reducing unnecessary privilege.

Prerequisites

  • You have permission to manage users, teams, or roles.
  • You know which team the user should belong to.
  • You know what level of access the user needs.

Core Concepts

ConceptPurpose
UserA person or recipient record associated with the workspace.
TeamA group that owns or operates resources.
RoleA permission set that controls what a user can do.
Notification-only userA recipient that can receive alerts or reports without portal login access.

Add a User

  1. Open Settings and select Teams or the relevant user management area.
  2. Choose the team the user should join.
  3. Add the user with the correct email address.
  4. Assign a role that matches the work they need to perform.
  5. Save the change.
  6. Confirm the user appears in the intended team.

Create a Notification-Only Recipient

Use notification-only users when someone needs alerts or reports but should not sign in to the portal.
  1. Create or edit the user record.
  2. Disable portal login access when the form exposes that option.
  3. Add the recipient to the relevant Notification Groups.
  4. Send or wait for a test notification through the group workflow.

Role Assignment

Assign the least privilege that still lets the user do their job. Operators who manage sites may need different access from billing administrators, security reviewers, workflow builders, or report recipients. Review roles when a person changes responsibility. Removing stale access is just as important as granting new access.

Offboarding

When someone leaves or no longer needs access:
  1. Remove them from teams where they should no longer operate.
  2. Reassign ownership of workflows, reports, notification groups, or API keys if needed.
  3. Revoke or rotate credentials that were used by integrations.
  4. Review Audit Logs for recent sensitive activity if the departure is security-sensitive.
Prefer named users over shared accounts. Named access makes audit review and incident investigation much clearer.