Skip to content
Veraproof Veraproof Docs

User Management

User Management

Challenge-specific roles and permissions for the Users page. For shared workflows (create, suspend, search, owner rules), see the shared User Management guide.

Access

  1. Log in at challenge.veraproof.io.
  2. Open Users in the main navigation.
  3. You need Admin or Owner privileges.

User roles

Each user has exactly one role per tenant.

RoleTypical useDashboardResponder (view)Responder (submit)Integrations, SSO, billing, users
OwnerTenant creatorYesYesYesYes
AdminPlatform administratorsYesYesYesYes
AnalystSOC / IR operatorsYesYesYesNo
ViewerRead-only stakeholdersYesYes (read-only)NoNo
  • Owner — Full access including billing. Cannot be changed or deleted from the UI; contact [email protected] to transfer ownership.
  • Admin — Full tenant administration.
  • Analyst — Same as Viewer, plus Responder actions (create challenges, revoke sessions). Cannot manage integrations, SSO, billing, or users.
  • Viewer — Dashboard and read-only Responder; cannot submit Responder actions or change configuration.

Create a user

  1. Click Create User.
  2. Enter Email address and Full name.
  3. Choose Role: Viewer, Analyst, or Admin.
  4. Click Create User.

Change a user’s role

  1. Click Change role in the Actions column.
  2. Select the new role and click Update role.
  3. Confirm in the dialog.

You cannot change your own role or the Owner role. Keep at least one Admin before demoting the last admin.

Suspend blocks Challenge admin access but keeps audit log links to that user.

  1. Click Suspend and confirm.
  2. Click Unsuspend to restore access.

Delete (permanent)

Delete removes the user and:

  • Detaches their account from audit logs — Events remain, but no longer show which user performed the action.
  • Removes integration configurations they owned.
  • Reassigns some tenant settings (IdP, support contact, etc.) to another admin or the owner when possible.

Prefer suspend over delete when audit attribution matters. The delete confirmation in the UI summarizes this impact.

Search and filters

Filter by status (active / suspended) or role (owner, admin, analyst, viewer).

Best practices

  1. Use Analyst for operators who need Responder but not integration changes.
  2. Use Viewer for stakeholders who only need dashboard visibility.
  3. Suspend before delete when audit history must stay attributable.

Support

Contact [email protected].