To find your New Relic organization's user management options: From the user menu, select Administration. Here are the user management-related UI pages you can find there:
User management (link to UI): Use this to add users, update user type, manage users' groups, approve user upgrade requests, and control session settings.
Invitation approval: This is where you can approve users to be added to New Relic. These users are not yet considered provisioned and are not billable.
API keys: Use the API keys UI to view and manage your users' API keys.
Domain capture: Use domain capture to route your users into the right place when they attempt to sign up for New Relic. Learn more about domain capture.
Authentication domains (link to UI): Use this to control how your users are added (from New Relic or from an identity provider), how they log in (manually or via SAML SSO), and more. For details, see Authentication domains.
The easiest way to see what your user management permissions are is to go to the user management UI and see what you have access to.
Some user management requirements and restrictions:
To add and edit groups and roles, your organization must have Pro or Enterprise edition.
Permissions-related requirements:
Requires a user type of core user or full platform user.
Most user management permissions require the organization- and authentication domain-related administration settings.
To avoid configuration conflicts, try to ensure that only one person in your organization is managing users at a time.
UI details
Here's a screenshot of the User management UI. We'll explain the column headers below.
Name: The user's name.
Email: The user's email address. For users with Pending: This user has been added but has not yet verified their email. Even in the Pending state, a user is considered provisioned and is therefore billable if they're a core or full platform user.
Last active: The last date a user was logged in to the platform. (This does not track use of our APIs that require a .) This can be useful for deciding to downgrade a user to a lower user type.
ID: A user's New Relic-assigned ID.
For information about the groups that users are in, you can download a TSV file from the UI or use NerdGraph.
Tips on common user management tasks
Here are some user management tasks you might want to do:
To learn about your users, go to the User management UI and examine specific users for details. You can also go to the Access management UI to examine groups: the roles those groups have, and the users in each group.
To see all your users and their group memberships, you can use NerdGraph.
Note that adding users directly to New Relic means users with a billable user type are immediately billable, regardless of whether those users are Pending and haven't yet logged into New Relic. Options for adding users via the user management UI include:
If you don't have that permission, you can invite a teammate. This requests review by an admin of that user being added to New Relic. Pending invites that haven't been reviewed are marked as Pending invite approval in the user management UI. When an admin reviews an invited user, they complete the Add user workflow and that user is considered added in New Relic.
To import multiple users into New Relic at once, you have these options:
SCIM provisioning (recommended for ongoing management): Set up automated user management to automatically sync users and groups from your identity provider (such as Azure AD, Okta, or OneLogin) to New Relic. This is the best option for organizations that want to manage users in bulk and keep them synchronized. Requires Pro or Enterprise edition.
SCIM API (for one-time bulk imports or custom integrations): Use our SCIM API to programmatically create users.
NerdGraph API (for scripted imports): Use our NerdGraph API to create users individually, which can be scripted for bulk operations.
Tip
New Relic doesn't currently support direct CSV or spreadsheet upload for bulk user imports. For bulk importing, use one of the automated methods above.
There are two options for giving your users the ability to manage other users:
The authentication domain settings grant users organization-wide capabilities related to managing users, groups, and authentication domains.
The Group admin role is much more constrained: it gives users the ability to add and remove users for a specific group.
To give organization-wide user management abilities, you can add a user to the default Admin group, which has those settings enabled. You can also create a custom group and give it those settings.
To export a list of all users and their details (names, email addresses, current user type, groups, user ID): From the User management UI, click the download icon beside the Add user button. There's an option for downloading a list of all users in that authentication domain.
Alternatively, to export a subset of users, first select the users you want to export, and then hit the download button.
You can use a single sign-on identity provider to log in to New Relic using SAML SSO. For bulk user management, you'll also want to use SCIM provisioning (also called automated user management). It enables you to automatically sync users and groups from your identity provider to New Relic.
SCIM provisioning offers these benefits for bulk user management:
Automatically import and sync large numbers of users from your identity provider
Keep user information up-to-date automatically
Manage users and groups centrally from your identity provider
