Manage Team members

SAML users do not need to be invited to the team like non-SAML users. SAML users will join the team and consume a seat after their first login via SAML. If your users will login against your SAML Identity Provider, please skip to the add people to groups section below to learn how to assign people to groups after they login with SAML.

If a SAML user is invited and then attempts to login via SAML, two seats will be consumed: one for the invite and one for the SAML user. If you have already invited your SAML users to the team but they have not yet accepted the invites, we suggest revoking their invites before they attempt to login via SAML in order to avoid consuming extra seats. 

If your organization plans to leverage SAML authentication, please see our article on SAML integration.

Inviting people to use Parsec is also super simple! In fact, the invitation and acceptance steps are exactly the same as the steps to invite an administrator, however we will not be delegating any roles to the people who are simply using Parsec.

Inviting users

An administrator with permission to invite users just needs to browse to the Members & Invites section of the admin portal and follow the steps below:

  1. Click the 'Invites' tab, then 'Invite Team Members' 1.png

  2. Provide the email addresses separated by a comma, space, or new line. The following example is a comma delimited list. Optionally, we can pre-assign administrators to a group. Click 'Send Invites'.

    mceclip5.png
    • Please note, adding a user to a group does not delegate any admin permissions. Groups will be used to set connection policies. We will cover delegation of admin roles and permissions below.
  3. Pending invites can be resent or cancelled from the 'Invites' tab.
     
    3.png

Accepting invite to Team

After an administrator sends an invite, the invitee must accept before any roles can be delegated through via role based access control (RBAC). Follow the steps below to accept your invite!

  1. Click 'Join Your Team Now' in your Parsec for Teams email invite.
     
    4.png

  2. Provide a username. Click 'Next'.

    mceclip0.png

  3. Create a password. Click 'Create Account'.

    mceclip1.png

  4. Configure a TOTP based authenticator application such as Authy or 1Password. After installing your authenticator app, scan the QR code with the authenticator app or manually provide the private key. Enter the 6 digit code provided by your authenticator app and a recovery email to recover your account in the event credentials and/or codes are lost or forgotten. Click 'Enable 2FA'.

    mceclip4.png

  5. Click 'Join Team'.

    mceclip6.png

Assign people to groups

If users were not assigned to a group during the invite process, they can be assigned to group(s) after they've accepted their invite. If the users should not have administrator roles, ensure that the 'admin role' value is empty. To assign a person to a group, or to change a person’s existing group membership, follow the steps below.

  1. On the Members & Invites tab ensure the 'Members' tab is selected.
  2. Find and select relevant users.
  3. Click 'Assign to Groups'.
  4. Select the group(s) you would like to add the selected users to.
  5. Deselect the group(s) you would like to remove the selected users from.
  6. Click ‘Apply’.MultiGroupAssignmentChecking.png

Delete people from your Team

Members of your Parsec Team consume a license. In order to "free up" a license, a user will need to be deleted. Follow the steps below to delete a user:

  1. On the Members & Invites tab ensure the 'Members' tab is selected.
  2. Find the relevant user
  3. Click the ellipsis '...'
  4. Click 'Remove user from team'
    mceclip2.png

Reset 2FA

In the event someone loses access to their authenticator and/or backup codes, it is possible for an administrator to reset a person's 2FA. If an administrator resets a person's 2FA, an email will be sent with instructions to reset 2FA. To reset a person's 2FA, follow the steps below:

  1. On the Members & Invites tab ensure the 'Members' tab is selected.
  2. Find the relevant user
  3. Click the ellipsis '...'
  4. Click 'Send 2FA reset email'
    mceclip3.png

The recipient will receive an email that looks like this. Click 'Reset my Two-Factor Authentication'. 

mceclip4.png

The person resetting their 2FA will be prompted for their password to disable 2FA. Click 'Reset 2FA'

mceclip5.png

After resetting 2FA, please note there will not be an additional factor for authentication on the account that was reset. We highly recommend re-enabling 2FA on the account after resetting and regaining access. This is done on the account page.

mceclip6.png