User Administration

FireHydrant works best when your entire incident response team has access to create, update, and manage incidents together. Inviting your team is simple and can be done via the UI. All new users will have Member access. For a primer on FireHydrant's access roles, visit Role-Based Access Controls.

Who should be on FireHydrant?

At FireHydrant, we believe that reliability is a company-wide metric. To that end, FireHydrant is a strong fit for most members of your organization who either respond to incidents or need to be aware of incidents.

Our access roles reflect this philosophy:

  • Viewers are intended for users who need to see incidents and incident activity but don't need to interact or take part. Some examples may include leadership or executive team members and customer-facing team members.
  • Collaborators are lightweight responders who participate in incidents in a light capacity but don't need to configure any settings. Examples may include customer support team members or others who may fulfill external communications roles on incidents but are otherwise inactive in remediation.
  • Members are full team members who respond to incidents and configure tool usage. This often includes engineering teams and other incident response teams.
  • Owners have full permissions to everything in the platform and are reserved for IT/engineering super admins.

We recommend starting with your engineering, SRE, or other teams participating in on-call rotations and responding to incidents. From there, many FireHydrant customers tend to provide access to Support and Success personnel, who often need to communicate incident updates to customers and upper leadership, who may want access to Analytics and stay in the loop on severe incidents.

Inviting team members

If you have configured SSO, provisioning new users in your IDP will automatically provision team members according to application access. In addition, FireHydrant also supports SCIM for deeper automation and identity management.

The following instructions are for organizations not using SSO and authenticating via email.

  1. Go to Settings > Users.
  2. Click on the "+ Invite user" button. This takes you to a different page where you can enter the email address of whoever you want to invite to the FireHydrant organization.
Inviting a new user via UI/email

Inviting a new user via UI/email

  1. Provide the user's email address and click Send invite.
    • After you invite a user, they'll receive an email prompting them to accept the invite and set up their account.
    • When users click Accept My FireHydrant Invitation, they're prompted to provide their name and email, create a password, and accept the privacy policy. Then, they can accept the invitation and join your FireHydrant organization.
Example invitation email

Example invitation email



Make sure your team members accept your email invitation and don't sign up separately on the website. Signing up on the website creates a new organization and account. FireHydrant enforces unique email addresses system-wide, so if someone accidentally registers on their own, they will need to reach out to Support to disable the duplicate account/email before they can accept your invitation.

Manually Disable a FireHydrant User

Searching for users on the **Users** page

Searching for users on the Users page

Sometimes, teammates move on or change roles, and you want to ensure they can no longer access your FireHydrant account. Aside from reaching out to support, you can also do this yourself in the UI (requires Owner permissions).

  1. Navigate to Settings > Users and locate the user you want to disable.
  2. Click on the user, and scroll down to the "Disable user" section of the individual user details page. You can then choose to disable by selecting "Temporarily disable user." This is a reversible action, so have no fear! Disable away.

View Enabled/Disabled Users

On the Users page, you can search for specific users and filter users by Enabled/Disabled. To do this:

  1. Navigate to Settings > Users.

  2. Click on the Filter users dropdown or type into the search bar and hit 'Enter' to filter and search.

Users filter on the Users page

Users filter on the Users page

Automating User Administration

We recommend automating user provisioning and de-provisioning with SSO and SCIM when possible, as most enterprise companies will use an IDP to manage access to all of their applications.

In addition, FireHydrant does provide direct APIs to manage users via SCIM, in case you do not use an IDP but still want to manage users programmatically.

Next Steps