--- title: "Manage Cloud account members" description: "Guide to managing Aerospike Cloud organization members, roles, permissions, and invitations via the Cloud Console." --- # Manage Cloud account members > For the complete documentation index see: [llms.txt](https://aerospike.com/docs/llms.txt) > > All documentation pages available in markdown. Aerospike Cloud uses Auth0 for secure authentication and member management. This page describes how to invite, manage, and remove members from your cloud organization. ## Member roles and permissions Aerospike Cloud has two member roles with identical permissions: | Role | Permissions | Key Difference | | --- | --- | --- | | **CloudOwner** | Full administrative access | Cannot be removed without contacting support | | **CloudAdmin** | Full administrative access | Can be removed by other admins | Both roles can do the following: - Create and delete database clusters - Manage database users and credentials - Configure VPC peering connections - Generate and revoke API keys - Invite and remove other cloud members - Access billing and usage information ::: caution The CloudOwner role cannot be removed through the console. This prevents accidental lockout from your organization. Contact Aerospike support to transfer ownership or terminate the account. ::: ## Managing Cloud members All member management features are available in the Cloud Console’s **Access Manager** section. ### Inviting new members 1. **Navigate to Access Manager** In the Cloud Console, go to the **Members** tab in the left navigation. 2. **Send Invitation** Click **Invite member** and enter: - Email address - Role will be `OrgAdmin` automatically 3. **Member Accepts Invitation** The invited member receives an email with: - Link to create their Aerospike Cloud account through Auth0 - Instructions for first-time login - Your organization name for verification 4. **Confirm Access** Once accepted, the member appears in your Members list with their assigned role. ### Managing Existing Members #### Viewing Member Status In the Members tab, you can see: - **Active members**: Currently have access - **Pending invitations**: Sent but not yet accepted - **Revoked access**: Previously removed members #### Modifying Member Access - [Remove Member Access](#tab-panel-2044) - [Revoke Pending Invitations](#tab-panel-2045) **For CloudAdmin members:** 1. Find the member in the Members list 2. Click the **Remove** button (trash icon) 3. Confirm the removal in the dialog 4. Member access is immediately revoked **For CloudOwner members:** - Cannot be removed through console - Contact Aerospike support for account ownership transfer 1. Find the pending invitation in the Members list 2. Click **Revoke Invitation** 3. The invitation link becomes invalid 4. You can send a new invitation if needed ## Authentication 1. **Single Sign-On**: Members can use existing Google account 2. **Username/password**: Members can also create a username and password account 3. **Session Management**: Automatic logout after inactivity ### Best Practices #### Member Management - ✅ **Limit CloudOwner accounts** to as few people as possible - ✅ **Remove members promptly** when they leave your team - ✅ **Regular access reviews** quarterly or when team changes #### Security Guidelines - ✅ **Use corporate email addresses** for easier management - ❌ **Don’t share accounts** - each person needs their own login ## Troubleshooting ### Member cannot accept invitation **ISSUE** A member clicks the invitation link but gets an error. **SOLUTION** 1. Verify the member does not already have an Auth0 account with that email. 2. Try incognito or private browsing to avoid cached sessions. 3. Revoke and resend the invitation if the other steps do not resolve the issue. ### Member lost access **ISSUE** A member who previously had access cannot log in. **SOLUTION** 1. Check the **Members** list to confirm the member is still active. 2. Verify the member is using the correct email address. 3. Have the member try a password reset through Auth0. ### Cannot remove CloudOwner **ISSUE** You need to change organization ownership but cannot remove the CloudOwner role. **SOLUTION** 1. Contact Aerospike support with your account details. 2. Provide the new owner email address and verification. 3. Support coordinates the transfer securely. ## Integration with Database Users ::: note - **Cloud members** manage your Aerospike Cloud organization - **[Database users](https://aerospike.com/docs/cloud/manage/database-users)** access your Aerospike databases These are separate authentication systems with different purposes. ::: Cloud member can create and manage database users but they serve different functions: | User Type | Purpose | Authentication | Managed Via | | --- | --- | --- | --- | | **Cloud Member** | Manage cloud resources | Auth0 (SSO) | Cloud Console | | **Database User** | Access database data | Aerospike credentials | Console or API | **Next steps:** - [Create your first database user](https://aerospike.com/docs/cloud/manage/database-users) - [Set up API automation](https://aerospike.com/docs/cloud/manage-apis/cloud-api-use)