-title:Administration

url:"/administration"

pages:

-title:About administration in Codefresh

-url:"/administration-overview"

-title:Account & user management

-url:"/account-user-management"

sub-pages:

-title:Create a Codefresh account

url:"/create-codefresh-account"

title:"Account and user management"

description:"Learn how to addteams, users, and configure access control in Codefresh"

description:"Addteams, users, and configure access control"

group:administration

toc:true

Review:

{% if page.layout != "argohub" %}

*[Add users and teams]({{site.baseurl}}/docs/administration/account-user-management/add-users/)

* Configure[access control]({{site.baseurl}}/docs/administration/account-user-management/access-control/)

* Configure access control for[pipelines]({{site.baseurl}}/docs/administration/account-user-management/access-control/) and for[GitOps]({{site.baseurl}}/docs/administration/account-user-management/gitops-abac/)

* Configure access control for[GitOps]({{site.baseurl}}/docs/administration/account-user-management/gitops-abac/)

*[Configure Single Sign-On (SSO)]({{site.baseurl}}/docs/administration/single-sign-on/)

* Get[audit logs]({{site.baseurl}}/docs/administration/account-user-management/audit/) for runtimes (hosted or private)

* Learn[which IP addresses]({{site.baseurl}}/docs/administration/platform-ip-addresses/) are used for SAAS runtimes

For on-premises environments, see[On-premises account and user setup]({{site.baseurl}}/docs/installation/on-premises/on-prem-configuration/).

For on-premises environments, see[On-premises account and user setup]({{site.baseurl}}/docs/installation/on-premises/on-prem-configuration/).

{% endif %}

{% if page.layout == "argohub" %}

*[Add users and teams]({{site.baseurl}}/docs/administration/account-user-management/add-users/)

* Configure access control for[GitOps]({{site.baseurl}}/docs/administration/account-user-management/gitops-abac/)

*[Configure Single Sign-On (SSO)]({{site.baseurl}}/docs/administration/single-sign-on/)

{% endif %}

toc:true

Once you have created a Codefresh account, you can add any number of users to collaborate on repositories, workflows, and pipelines, and teams of users. For Codefresh on-premises, see[On-premises account & user setup]({{site.baseurl}}/docs/installation/on-premises/on-prem-configuration/).

Once you have created a Codefresh account, you can add any number of users to collaborate on repositories, entities, and processes.

{% if page.layout != "argohub" %}

For Codefresh on-premises, see[On-premises account & user setup]({{site.baseurl}}/docs/installation/on-premises/on-prem-configuration/).

{% endif %}

You can then create teams in Codefresh to group users who share a common denominator, such as the same permissions, access to the same functionality, or roles. Teams make it easy for administrators to both define and manage items shared by multiple users in an orgranization.

Adding a user to an account requires assigning a role to define access to account resources, and optionally, selecting an SSO provider for the user:

***Role**: Defines the user's access level to the resources in the account.

***User**: The default. With this role, users can work with your repositories and pipelines, but cannot change settings

on clusters, docker registries, git integrations, shared configurations etc.

***User**: The default. With this role, users can work with repositories and entities, but cannot change configuration settings.

***Administrator**: With this role, users have full access to accounts, and can change all settings, so make sure that they are trusted colleagues.

For guidelines on access control, see[Access control]({{site.baseurl}}/docs/administration/account-user-management/access-control/).

***SSO**: By default, SSO is not enabled for users. If required, explicitly select the SSO provider. For an overview of SSO, see[Single Sign on]({{site.baseurl}}/docs/administration/single-sign-on/).

For guidelines on access control, see {% if page.layout != "argohub" %}[Access control for pipelines]({{site.baseurl}}/docs/administration/account-user-management/access-control/){% endif %}{% if page.layout == "argohub" %}

[Configuring access control for GitOps]({{site.baseurl}}/docs/administration/account-user-management/gitops-abac/)

{% endif %}.

***SSO**: By default, SSO is not enabled for users. If required, explicitly select the SSO provider. For an overview of SSO, see[About Federated Single Sign-on]({{site.baseurl}}/docs/administration/single-sign-on/).

1. In the Codefresh UI, on the toolbar, click the**Settings** icon and then select**Account Settings**.

1.On the sidebar, from Access & Collaborationselect[**Users & Teams**](https://g.codefresh.io/account-admin/collaborators/users){:target="\_blank"}.

1.From the sidebarselect**Users & Teams**.

1. Select**Users**, and then select**+[Add User]**.

1. Type the**User's email address**, and click**Invite**.

* Users

* Admins with users[invited as collaborators](#assign-a-user-to-a-team)

{% if page.layout != "argohub" %}

As part of the global pipeline settings for an account, when creating a team, you can also automatically create a project and a project tag with the same name as that of the team. Enabling**auto-create projects for teams** (disabled by default), simplifies permissions setup for pipelines and projects, as it also creates a Read rule for the project. See[Auto-create projects for teams]({{site.baseurl}}/docs/pipelines/configuration/pipeline-settings/#auto-create-projects-for-teams).

{% endif %}

Create a team in Codefresh and then assign users to the team. You can assign the same user to multiple teams, as in most companies, users have overlapping roles.

1. In the Codefresh UI, on the toolbar, click the**Settings** icon and then select**User Management**.

1. From the sidebar,from Access & Collaboration,select[**Users & Teams**](https://g.codefresh.io/account-admin/collaborators/users){:target="\_blank"}.

1. From the sidebar, select**Users & Teams**.

1. Select**Teams**, and then select**Create a Team**.

1. Enter the**Team Name**.

1. In the Codefresh UI, on the toolbar, click the**Settings** icon, and then select**Account Settings**.

1.On the sidebar,from Access & Collaboration,select[**Users & Teams**](https://g.codefresh.io/account-admin/collaborators/users){:target="\_blank"}.

1.From the sidebar, select**Users & Teams**.

1. Select**Security**.

1. For**User Session**, add the timeout duration in minutes/hours/days.

1. To restrict invitations to specific email domains, below User Invitations, turn on**Restrict inviting additional users..** and then in the**Email domains**, type in the domains to allow, one per line.

1. If this issue persists, please know that our support team is here for you.[Contact](https://support.codefresh.io/hc/en-us/requests/new) them with as many details as you have, and they will assist you promptly.

[Access control]({{site.baseurl}}/docs/administration/account-user-management/access-control/)

[Single Sign on]({{site.baseurl}}/docs/administration/single-sign-on/)

[Single sign-on]({{site.baseurl}}/docs/administration/single-sign-on/)

{% if page.layout != "argohub" %}

[Configuring access control for pipelines]({{site.baseurl}}/docs/administration/account-user-management/access-control/)

{% endif %}

{% if page.layout == "argohub" %}

[Configuring access control for GitOps]({{site.baseurl}}/docs/administration/account-user-management/gitops-abac/)

[Setting up OAuth authentication for Git providers]({{site.baseurl}}/docs/administration/account-user-management/oauth-setup)

{% endif %}

-/docs/getting-started/introduction/

toc:true

Before you can create pipelines, build, and deploy applications in Codefresh, you need to create a Codefresh account.

Creating an account in Codefresh isfree (no credit card is required) and can be done in three simple steps:

Creating an account in Codefresh isthe first step to begin working with the Codefresh platform.

{% include

image.html

max-width="90%"

%}

For Codefresh on-premises, see[On-premises account & user setup]({{site.baseurl}}/docs/installation/on-premises/on-prem-configuration/).

As the first step in setting up your account in Codefresh, select the identity provider (IdP) to use.

Codefresh currently supports the following IdPs:

* GitHub

* Bitbucket

* Google

* LDAP

If you need an IdP that is not in the list, please[contact us](https://codefresh.io/contact-us/) with the details.

If you need an IdP that is not in the list, please[contact us](https://codefresh.io/contact-us/){:target="\_blank"} with the details.

For Git repositories, the login method is less important, as you can Git repositories through[Git integrations]({{site.baseurl}}/docs/integrations/git-providers/), regardless of your sign-up process.

If you have multiple sign-up methods, as long as you use the same email address for all sign-ups, Codefresh automatically redirects you to the account dashboard.

For Git repositories, the login method is less important, as you can access Git repositories through Git integrations, regardless of your sign-up process. <br><br>

If you have multiple sign-up methods, as long as you use the same email address in all the sign-ups, Codefresh automatically redirects you to the account dashboard.

1. Go to the[Codefresh Sign Up page](https://g.codefresh.io/signup){:target="\_blank"}.<!---need to change the URL and the screenshot-->

1. Go to the[Codefresh Sign Up page](https://g.codefresh.io/signup).<!---need to change the URL and the screenshot-->

1. Select the IdP for sign-up.

{% include

image.html

lightbox="true"

file="/images/administration/create-account/select-identity-provider.png"

url="/images/administration/create-account/select-identity-provider.png"

file="/images/quick-start/create-account/select-identity-provider.png"

url="/images/quick-start/create-account/select-identity-provider.png"

alt="Codefresh sign-up page"

caption="Codefresh sign-up page"

max-width="40%"

%}

{:start="2"}

1. Select the IdP for sign-up.

1. Continue with[Step 2: Accept the permissions request](#step2-accept-the-permissions-request).

After you select the IdP (identity provider), Codefresh requests permission to access your basic details, and for Git providers, to access your Git repositories. The Permissions window that is displayed differs according to the IdP selected in the previous step.

Don't worry, Codefresh will not do anything without your explicit approval. Codefresh needs the permissions to build and deploy your projects.

1. Do any of the following:

* For GitHub: To continue, click**Authorize codefresh-io**.

{% include

image.html

lightbox="true"

file="/images/administration/create-account/github-authorize.png"

url="/images/administration/create-account/github-authorize.png"

alt="GitHub authorization page"

caption="GitHub authorization page"

max-width="50%"

%}

{:start="3"}

1. If required, accept the permissions request for the selected IdP:

* For Google, enter the email to use.

* For GitHub: To continue, click**Authorize codefresh-io**.

* For Bitbucket: To continue, click**Grant access**.

{% include

image.html

lightbox="true"

file="/images/administration/create-account/bitbucket-authorize.png"

url="/images/administration/create-account/bitbucket-authorize.png"

alt="Bitbucket authorization page"

caption="Bitbucket authorization page"

max-width="50%"

%}

* For GitLab: To continue, click**Authorize**.

Once you confirm the permissions for your Git provider, Codefresh automatically connects to your Git provider and fetches your basic account details, such as your email.

{:start="4"}

1. In the Verification screen, do the following:

1. Select the required country code, enter your phone number, and then click**Send**.

1. Enter the verification code you received, and click**Next**.

{% include

image.html

lightbox="true"

file="/images/administration/create-account/gitlab-authorize.png"

url="/images/administration/create-account/gitlab-authorize.png"

alt="GitLab authorization page"

caption="GitLab authorization page"

file="/images/quick-start/create-account/verify-phone.png"

url="/images/quick-start/create-account/verify-phone.png"

alt="Verify phone number"

caption="Verify phone number"

max-width="50%"

%}

Once you confirm the permissions for your Git provider, Codefresh automatically connects to your Git provider and fetches your basic account details, such as your email.

{:start="2"}

1. Continue with[Step 3: Verify account details](#step-3-verify-account-details).

Verifying account details is the final step in creating your Codefresh account.

1. Review the details for your new account, make the relevant changes, and click**NEXT**.

{:start="5"}

1. Fill in the fields with your organization's information, including your email, and click**Next**.

{% include

image.html

lightbox="true"

file="/images/administration/create-account/codefresh-signup.png"

url="/images/administration/create-account/codefresh-signup.png"

alt="Codefresh account details"

caption="Codefresh account details"

max-width="40%"

file="/images/quick-start/create-account/organization-details.png"

url="/images/quick-start/create-account/organization-details.png"

alt="Enter organization information"

caption="Enter organization information"

max-width="50%"

%}

{:start="2"}

1. Enter a name for your account, and click**NEXT**.

{:start="6"}

1. Enter a name for your account, and click**Next**.

1. In the Organization type screen, select**Business use** and click**Next**.

1. Select the use cases for your organization and account from among those displayed.

file="/images/administration/create-account/codefresh-accountname.png"

url="/images/administration/create-account/codefresh-accountname.png"

alt="Codefreshaccountname"

caption="Codefreshaccountname"

max-width="40%"

{:start="3"}

1. Finally, answer the questions to personalize your account and click**FINISH**.

{% include

image.html

lightbox="true"

file="/images/administration/create-account/codefresh-personalize.png"

url="/images/administration/create-account/codefresh-personalize.png"

alt="Codefresh personalize account"

caption="Codefresh personalize account "

max-width="40%"

%}

Congratulations! Your new Codefresh account is now ready.

{% if page.layout != "argohub" %}

For Codefresh on-premises, see[On-premises account & user setup]({{site.baseurl}}/docs/installation/on-premises/on-prem-configuration/).

{% endif %}

{% include

image.html

lightbox="true"

file="/images/administration/create-account/codefresh-dashboard.png"

url="/images/administration/create-account/codefresh-dashboard.png"

alt="Codefresh dashboard"

caption="Codefresh dashboard"

max-width="40%"

%}

Codefresh administrators can rename and delete Codefresh accounts.

Account administrators can rename and delete Codefresh accounts.

You may want to rename your existing account, for example, either due to a sign-up error or change of business name.

[Adding users and teams]({{site.baseurl}}/docs/administration/account-user-management/add-users/)

[Configuring access control]({{site.baseurl}}/docs/administration/account-user-management/access-control/)

[Single sign-on]({{site.baseurl}}/docs/administration/single-sign-on/)

{% if page.layout != "argohub" %}

[Configuring access control for pipelines]({{site.baseurl}}/docs/administration/account-user-management/access-control/)

[Codefresh IP addresses]({{site.baseurl}}/docs/administration/platform-ip-addresses/)