Adding users to Qlik Cloud

The individual who creates the tenant is the service account owner. If you are the service account owner, you are also the first tenant administrator and the only user with access to the tenant. Add more users by sending email invitations or configure an identity provider.

This topic is applicable to Qlik Sense Enterprise SaaS, Qlik Sense Business, and Qlik Cloud Government. If you have a subscription for the Standard, Premium, or Enterprise edition of Qlik Cloud Analytics or Qlik Cloud Data Integration, see Managing users - Capacity-based subscriptions.

You can add users by configuring an identity provider (IdP), or by sending individual email invitations, but not both. However, when you switch from using the invite option to using an identity provider configuration, the invite option will remain available until the identity provider has been activated.

Administrators should ensure their users can meet the Qlik Cloud requirements. For more information, see System requirements and supported browsers.

Adding users with an identity provider

If you have an IdP, you can create an IdP configuration under Identity provider in the Management Console.

To set up an identity provider, see Identity providers.

Adding users with email invitations

To send an email invitation, you must be a tenant administrator. You can invite users to join the tenant by sending email invitations from the Users pane in the Management Console or from your User profile menu. In the invitation window, you can list multiple email addresses separated by a comma or a space. When the user receives the email invitation, they can join the tenant by clicking a link in the email. The link is valid for a limited period. It redirects the user to a registration page.

You can see the invitation status under Users > All users in the Management Console. Select Pending invites in the dropdown list to the left or select Pending invites in the Status column. Hover over the invite to see the expiry date. Invites that have expired are shown in red in the table. When the user has registered, the status changes to active. If needed, you can resend or delete the invitation. If you delete the invitation, the user cannot register, even if the link has not expired.

Users pane filtered on Pending invites — Pending invites in the Users pane of the Management Console

For a visual demo about adding users, see Inviting users to Qlik Cloud

Adding a user by email invitation

Do the following:

In the Management Console, go to Users and click Invite.
Enter the email addresses of the users that you want to invite, and then click Invite.

Information note
You can delete an invitation from the Management Console.
The invited users are listed in the table in the Users pane.

Managing users in the Management Console

When users are added to the tenant, they are listed under Users > All users in the Management Console.

You can search for users by name, email, user ID, or IdP subject. The search on user ID and IdP subject must be an exact match. Hover over the information icon in the Name column to see user ID and IdP subject. The IdP subject field can be used for distinguishing one user from another if the names are identical and the email field is not visible.

For each user in the table, click More to open a menu where you can assign and remove security roles, change user entitlement, activate or disable users, revoke mobile access if it has been granted, and delete users.

User statuses

Each user has a status depending on whether they are a fully registered user, a user who has been invited but not yet registered, or a user who has been disabled. You can select a status to filter by in the dropdown list.

Dropdown list with statuses in User pane — User status dropdown list

User statuses
Status	Description
Active	The user is fully registered. They can use the product according to their user entitlement and assigned roles. For more information, see Assigning user entitlements and Assigning security roles and custom roles.
Disabled	The user entitlement is removed and the user cannot access their account or use the product. All alerts owned by the user will be disabled.
Provisioned	The user is provisioned by the SCIM connector but has not yet registered. You can assign roles to groups of provisioned users and add the groups to spaces. For more information, see Provisioning users and groups using SCIM.
Pending invites	The user is invited but has not yet registered. A user ID is created but no entitlement has been assigned.
Orphans	The user has been assigned an entitlement to their IdP subject from the license service. The user has not yet registered, and no user ID has been created.
Requested	The user is invited to the tenant but the number of users exceeds the limit in the subscription. The user does not have access to the product until the administrator either adds more user entitlements or removes access for other users, which frees up the entitlements for the requested users.

Deleting a user from the tenant

You can delete active users or pending users from the Users section of the Management Console. Deleting an active user frees up a user entitlement that can be assigned to another user. Deleting a pending user removes the user record from the system, and they won't be able to register through the email invitation. You can only delete one user at a time.

Deleting a user

Do the following:

In the Management Console, open the Users section.
In the row for the user to be deleted, click the button to the far right.
Select Delete to delete an existing user or Delete invitation to delete an invitee.
Confirm the deletion.

You cannot delete yourself as a user.

What happens when you delete a user

Deleting a user has several implications beyond simply removing their entry from the Management Console. This section provides more detail about what happens to user information, data, and account information when a user is deleted.

What happens to user information of deleted users

When you delete a registered tenant user, all personally identifiable information is removed. In the Management Console, in the Users section, the Status column shows either Active or Disabled for a registered user. If a user is deleted while logged in to the tenant, the user session is invalidated.

What happens to a deleted user who is part of an IdP

When using your own identity provider, invalidating the user session does not prevent the deleted user from logging in again. If they attempt to do so, a new tenant user record is created. To prevent the user from logging in, they need to first be removed from the identity provider. If you have configured your own identity provider, you can remove the user yourself.

What happens to the Qlik Account of a deleted user

Users with a Qlik Account cannot log in after being deleted from the tenant without being invited again. Removing a user from a tenant does not remove the user from Qlik Account.

What happens to unowned data

When a user is deleted, their spaces and apps no longer have an owner. The content associated with the user is not deleted. A tenant admin can assign new owners to spaces previously owned by the user. In the Spaces section of the Management Console, there is a button for changing owners.

Results of deleting an active or disabled user:

User is no longer available in the tenant.
API keys for the deleted user are revoked.
User allocation is freed up for reassignment.
Spaces now need the owner reassigned.
Apps no longer have an owner.
If the user is the owner of a reload schedule, another user has to take ownership of the reload schedule (or create a new one), or the scheduled reloads will fail.
Management Console audit logs contain details of the deleted user event.
Notifications are deleted.
Alerts owned by the user are deleted.

Related learning:

Learn more

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!

Leave your feedback here