Skip to content

Manage team and access

Settings → Team & Access is project-scoped. It combines the user directory, reviewer groups, review teams, approval roles, and Terraform approval mapping. Only a project administrator can change users or reviewer groups.

Typical time
10–20 minutes
You need
Project administrator access
Outcome
Reviewed membership and reusable approval routing

Open Settings → Team & Access, select the project, and use the tabs:

  • Users
  • Reviewer Groups
  • Review Teams
  • Approval Roles

Review Total Users, Active Members, Reviewer Groups, and Open Invites. Use the refresh action after another administrator makes a change. Lists use backend pages; use page size, Previous, and Next instead of assuming the first page contains every record.

Team 1 of 5 · Screenshot placeholder

Select a project and access view

Show the project selector, four tabs, summary cards, and backend pagination.

Future capture briefUse synthetic project, member, group, and invitation data. Hide email addresses and identifiers.

Choose Invite User. ScrinCloud opens the selected project’s setup flow for members.

  1. enter the invited person’s email address;
  2. select the lowest useful project role;
  3. review the selected project;
  4. send the invitation; and
  5. return to Team & Access to confirm the pending row.

Roles are Admin, Editor, Reviewer, and Viewer. Provider access, billing authority, and approval-group membership remain separate permissions.

Team 2 of 5 · Screenshot placeholder

Invite a user to the selected project

Show the Invite User action and a synthetic project invitation form.

Future capture briefUse an example-domain email address. Do not capture invite links, tokens, tenant IDs, or real identities.

Open the row actions for the intended directory entry:

  • Copy email copies the visible address locally.
  • Resend invitation sends a new message for an eligible pending or expired invitation.
  • Revoke access blocks an active non-owner member after confirmation.
  • Delete member removes an active member’s project access record.
  • Delete invitation invalidates an invitation record.

The project owner cannot be revoked through this row action. Review the name, email, role, status, and project before confirming a destructive action.

Team 3 of 5 · Screenshot placeholder

Use the correct member lifecycle action

Show a synthetic row menu and the confirmation for revoke or delete.

Future capture briefMask email addresses and never show invitation links, access tokens, request IDs, or another tenant's members.

Choose Create Group and complete the three drawer steps:

  1. Group details: enter a name and description, then choose Reviewer Group, Review Team, or Approval Role and add a clear function.
  2. Members & access: select at least two active project members, choose one or more permissions, select the environment scope, and set at least two required approvals.
  3. Review: confirm members, permissions, scope, and minimum approvals, then choose Create Group.

Available permissions include Terraform plan review, Terraform apply approval, policy-exception review, production approval access, and emergency-override review.

Team 4 of 5 · Screenshot placeholder

Create a reusable approval group

Show the Details, Members & access, and Review steps with synthetic members and permissions.

Future capture briefDo not use real people, emails, environments, approval evidence, or customer policy names.

Open Reviewer Groups, Review Teams, or Approval Roles and choose Edit on the intended row. Update the same details, members, permissions, scope, or minimum approvals, then choose Save Group.

Review Terraform Approval Mapping to confirm groups with review or apply permissions are visible for routing. Creating a group does not approve a Terraform plan and does not let a member self-approve.

Team 5 of 5 · Screenshot placeholder

Edit a group and review approval mapping

Show a synthetic group Edit action and Terraform Approval Mapping table.

Future capture briefHide member identifiers, project identifiers, plan revisions, approval evidence, and audit request IDs.

Reload the selected project and confirm the directory status or group membership, permission, environment scope, and minimum approvals. Review the appropriate audit record for a high-impact change. UI state alone is not proof that the backend mutation or notification delivery succeeded.

Create a project or ask a project administrator to grant you administrator access.

Select a project. The group also needs a name, description, at least two active members, at least one permission, and a minimum approval count no greater than its selected members.

Resend applies to eligible non-active invitations. Revoke applies to active non-owner members. Use the row’s current status to choose the correct action.