User & Role Management

User & Role Management

Give every person exactly the access they need and nothing more. User and Role Management is the security foundation that lets administrators control who can see and do what across every corner of ISO Mate.

The challenge it solves

As a team grows, shared logins and over-broad access quietly become a security and audit risk. People keep permissions they no longer need, onboarding is slow, and sensitive data is exposed to more people than it should be. User and Role Management replaces that guesswork with clear roles, least-privilege access, and strong sign-in controls.

What you can do

  • Grant precise access: build custom roles on the resource.action permission pattern, combined automatically across every role a user holds.
  • Onboard in minutes: invite users by email and assign roles up front so they start with the right access from day one.
  • Support people across organizations: multi-account membership gives users separate roles per account with complete data isolation.
  • Add a second layer of security: TOTP two-factor authentication with backup recovery codes.
  • Simplify sign-in: Google OAuth single sign-on lets users link an existing account or register with one click.
  • Block weak and compromised passwords: complexity policies plus breach detection, with automatic account lockout after repeated failed attempts.
  • Put users in control: a self-service profile to manage passwords, 2FA, preferred language, and personal data export or deletion.

Popular use cases

  • Onboarding and offboarding: grant new hires the right roles on day one and revoke access the moment someone leaves.
  • Least-privilege administration: give finance, sales, and operations only the permissions their work requires.
  • Contractors and agencies: use multi-account membership to give external partners scoped access to just their account.
  • Segregation of duties: separate who can create, approve, and delete to support ISO 27001 access control.
  • Securing delivery tools: restrict who can edit issues, sprints, releases, and test cases.
  • Protecting customer data: limit Help Desk and contact access to the agents who genuinely need it.

Works with the rest of ISO Mate

User and Role Management is the access-control foundation for the entire platform. Every other module, from DevOps and QA to Compliance, Sales, and Help Desk, respects the permissions you define here, so a user only ever sees and touches what their roles allow. Multi-account membership keeps each organization’s data fully isolated, and the same rules apply whether people work in the web console, the mobile app, or through the MCP server and API.

Key benefits at a glance

  • Precise control: role-based permissions down to each resource and action.
  • Stronger security: two-factor authentication, breach detection, and account lockout.
  • Faster onboarding: email invitations with roles assigned up front.
  • Consistent everywhere: every module and account respects the same permissions.