# Add User
## Purpose
Adding users ensures that everyone working within your organization has secure access to Cloudscaff with the correct level of visibility, authority, and accountability.
Each user created here can be assigned a role that defines what they can see and do — maintaining both control and compliance across your operations.
***
## Accessing Add User Page
In the **side navigation**, click **Settings → User Profiles → Click (+) Button**
{% hint style="info" %}
[Click here to view how to access User Profiles](https://app.gitbook.com/o/NbjppYCBHdjT4PFa7TUI/s/sVJ0qURLvzCOxTGXEZIZ/settings/accessing-settings)
{% endhint %}
The user list displays all **active users** in your organization.
## **Open Add User Form**
Click the **➕** icon in the bottom-right corner to open the “**Add User**” form.
***
## Adding a User
### Add User Form
The **Add User** form captures all the essential information for creating a user profile, assigning permissions, and inviting them to log in (via password or SSO)
You can:
* Add new users manually with a password, or
* Enable **SSO (Single Sign-On)** to allow login via Google / Microsoft credentials.\
You can also assign the user’s role, which controls their access and functionality in the system.
### **Step-by-Step Process to Add a User**
#### **Email**
The user’s email address is used for login.
#### **Full Name**
The user’s first and last names are to be displayed in documents and logs.
#### **Contact Number**
This is an optional field phone number are to be displayed in documents and logs.
#### **Title**
User’s position or title, e.g., *Site Manager*, *Supervisor*, *Foreman*, etc.
#### **Enable SSO Invitation**
Toggle this on to allow login via **Google** or **Microsoft** instead of a password. When enabled, the system sends an invitation email that the user must accept via SSO.
#### SSO Invite Toggled Off
#### SSO Invite Toggled On
#### **Password (only if SSO disabled)**
Set a secure password for manual login users. Hidden automatically when SSO is active.
{% hint style="warning" %}
**Password Note:**
The **“Forgot Password”** option is used to **reset your password** — whether you’ve forgotten it or you want to change the **temporary password** provided by your administrator.
In both cases, you’ll follow the same process:
1. Log out of your account.
2. On the login page, click **“Forgot Password.”**
3. Follow the on-screen steps to set a new, secure password.
This ensures your account remains secure and personalized to you.
{% endhint %}
{% hint style="info" %}
[Click here to learn how to Reset Password](https://docs.cloudscaff.com/logout/forgot-or-reset-password)
{% endhint %}
### **Set Roles and Permissions for a User**
Opens the **Roles** where you can assign one or multiple predefined roles (e.g., *Super Admin*, *Site Admin*, *Reports Access*, etc.).
{% hint style="info" %}
[Learn how to set or update Roles and Permissions for users](https://docs.cloudscaff.com/settings/user-management/role-builder-add-or-update-roles)
{% endhint %}
#### **Roles Display**
After setting a user’s **Roles and Permissions**, their assigned roles will appear **just below the selection field**, confirming which access levels have been applied to that user.
### **Create User / Send SSO Invitation**
Final action button — label changes based on whether SSO is enabled or not.
If **SSO is not enabled**, click the **Create User** button — the user will be added directly into the system and can log in using the temporary password you’ve assigned.
If **SSO is enabled**, click the **Send SSO Invitation** button — the user will receive an email invitation to join via your organization’s Single Sign-On.
Once they accept and log in for the first time, they’ll automatically appear in your **Active Users** list.
## **How It Works in Practice**
1. Open **Settings → Users → Add User (+)**.
2. Fill in the user details and select whether to enable SSO.
3. Assign the appropriate role(s) via the **Select Role** button — this determines their permissions.
4. Click **Create User** (for password users) or **Send SSO Invitation** (for SSO users).
5. If SSO is enabled, the user appears under **Pending Invitations** until they accept. If SSO is not enabled, the user will appear in the **Active User** list.
6. Once accepted or created, the user appears in the **Active Users** list, where you can manage roles, branches, and permissions.
***
## **Best Practices**
* Always use company email addresses for consistency and security.
* Assign the **minimum required permissions** to maintain data integrity.
* Use descriptive titles for clarity in analytics and handovers.
* Prefer SSO login for easier onboarding and centralized authentication.
* Review user access periodically to ensure relevance.
***
## **Using Email Aliases**
If some users don’t have official company email addresses, you can create **email aliases** for them to access Cloudscaff.
For example, if *Jon* doesn’t have a company email, you can create an alias such as ****.
The system will recognize the alias as a **valid login address**, allowing the user to sign in and work under the company domain.
{% hint style="danger" %}
**Important:**
Email aliases **cannot send or receive emails**, as they do not exist as real mailboxes.
If the user forgets their password, the **reset email cannot be delivered**, and their password cannot be recovered.
For long-term access, it’s recommended to assign real company email addresses where possible.
{% endhint %}
> #### **Tips:**
>
> * Use **SSO Invitations** for large organizations — it speeds up onboarding and reduces password management.
> * Double-check roles before creating users to prevent accidental admin access.
> * Keeping user profiles accurate improves traceability in reports and compliance audits.
> * Each user created contributes to **greater accountability across your entire organization** — every scaffold, inspection, and handover is automatically tied to a verified user identity.
