Invite users

NOTE:
  • Until the user accepts the invitation and logs in, the user is listed as Pending Approval.

  • When the user accepts the invitation, the user can set the user password and log in to activate their account. The first time the user logs in, a database role with the same name as their e-mail address is created, and the account creation is complete.

As an Organization administrator, you can invite new users via the Materialize Console.

  1. Log in to the Materialize Console.

  2. Navigate to Account > Account Settings > Users.

  3. Click Invite User and fill in the user information.

  4. In the Select Role, select the organization role for the user:

    Organization role Description
    Organization Admin
    • Console access: Has access to all Materialize console features, including administrative features (e.g., invite users, create service accounts, manage billing, and organization settings).

    • Database access: Has superuser privileges in the database.

    Organization Member
    • Console access: Has no access to Materialize console administrative features.

    • Database access: Inherits role-level privileges defined by the PUBLIC role; may also have additional privileges via grants or default privileges. See Access control control.

    NOTE:
    • The first user for an organization is automatically assigned the Organization Admin role.

    • An Organization Admin has superuser privileges in the database. Following the principle of least privilege, only assign Organization Admin role to those users who require superuser privileges.

    • Users/service accounts can be granted additional database roles and privileges as needed.

  5. Click the Invite button at the bottom right section of the screen.

    Materialize will email the user with an invitation link.

    NOTE:
    • Until the user accepts the invitation and logs in, the user is listed as Pending Approval.

    • When the user accepts the invitation, the user can set the user password and log in to activate their account. The first time the user logs in, a database role with the same name as their e-mail address is created, and the account creation is complete.

Next steps

The organization role for a user/service account determines the default level of database access. Once the account creation is complete, you can use role-based access control (RBAC) to control access for that account.
Back to top ↑