Send Docs Feedback

Note: Most user interface tasks can be performed in Edge Classic or the New Edge experience. For an overview, getting started topics, and release notes specific to the New Edge experience, see the docs.

Managing organization users

This topic explains how to create and manage organization users. You must be an organization administrator to perform these tasks.

What are organization users?

Organization users are given explicit permission by the organization administrator to create, read, edit, and/or delete entities in an Apigee Edge organization. Permissions are role-based, where a role conveys a specific, targeted set of permissions. This permission scheme is also called role-based access control, or RBAC for short.

Organization users are typically members of your API team who develop and test APIs, run reports, and perform other API admin tasks. Do not confuse organization users with app developers, the consumers of your APIs. The process of onboarding app developers and managing their access to your APIs is an entirely separate topic. See Publishing Overview.

Also, note that topic applies to API management, not API BaaS, which has its own user management framework.

What Edge entities do organization users work with?

Organization users interact with a number of entities, including:

  • API proxies
  • API products
  • Developer apps
  • Developers
  • Environments (Trace tool sessions and deployments)
  • Custom reports (Analytics)

The degree of interaction permitted depends on the role or roles that are assigned to the user by the organization administrator. See also Assigning roles.

Viewing users

You must be an Apigee Edge organization administrator to create users and assign roles. Only organization administrators can see and use the Admin menu used to manage organization users.

In the New Edge experience, you view organization users by selecting Admin > Users.

In Classic Edge, you view organization users by selecting Admin > Organization Users

For each user, you can view:

  • Name: The name of the user you entered when you created the user.
  • Primary email: The email address you entered when you created the user.
  • Role: The role of the user, which determines the degree of access. By default, all users have a user role that gives them full access to all features in Apigee. See also Assigning roles.

By default, all users associated with an organization can view details about other organization users, such as email address, first name, and last name. Only users with the Organization Administrator role can add or update other organization users.

Adding users

To add an organization user:

  1. Log in to the Edge management UI as an organization administrator.
  2. Select Admin > Users.
    If you are not an organization administrator, this menu does not appear. 
  3. Click + User. The "Add a User" screen appears.
  4. Enter the user's email address.
  5. Select the roles you want to assign to the user.
    You can add more than one role to a user. 
  6. Click Save.

If the user already has an Apigee account, they will see the new organization after logging into Apigee Edge. If the new user doesn't yet have an Apigee account, they are sent email instructions for account activation, password reset, and logging in. 

Editing a user profile and assigned roles

You can edit a user profile and add one or more roles to a user when you create a new user or edit an existing user. See also Assigning roles

If a user has multiple roles assigned, the highest-level permission takes precedence. For example, if one role doesn't allow the user to create API proxies, but another role does, then the user can create API proxies. In general, it is not a common use case to assign users multiple roles.

To edit a user profile and assigned roles:

  1. Select Admin > Users.
  2. Click the name of an existing user.
  3. Click Edit.
  4. Edit the First Name or Last Name fields, if desired.
  5. Add or remove roles:
    • To add a role, click in the Roles field and select a new role from the drop-down.
    • To remove a role, click the x associated with the role.
  6. Repeat the previous step to add additional roles, if desired.
  7. Click Save.

Removing users from an organization

To remove a user from an organization, you must be an organization administrator. 

  1. Select Admin > Users.
  2. Click Remove in the Actions column associated with the user that you want to remove.

This removes the user from the current account only. If the user is a member of multiple accounts, they remain in the system.

To remove a user from Apigee completely, contact Apigee Support.

Help or comments?