# User & Organization Management Organizations in Valohai are collaborative workspaces with shared infrastructure, projects, and security policies. As an administrator, you control who has access to what — from compute resources to data stores. ## Quick Start for New Admins Access your organization settings by clicking **Hi, \** in the top-right corner, then select **Manage \**. ### Essential Setup Checklist **Users & Teams:** * [Invite users](/user-and-organization-management/getting-started/invite-users.md) to your organization * [Create teams](/user-and-organization-management/getting-started/create-teams.md) to organize access by project or department * Enable [two-factor authentication](/user-and-organization-management/getting-started/faq.md#can-our-organization-require-two-factor-authentication-2fa) for security (optional) **Infrastructure & Data:** * [Configure environment scaling](https://github.com/valohai/dokuhai/blob/main/docs/environments/configure-environments/README.md) for compute resources * [Set team quotas](/user-and-organization-management/environments-and-access-control/team-quotas.md) to control parallel machine usage * [Restrict data stores](/user-and-organization-management/environments-and-access-control/restrict-data-stores.md) by team * Add credentials for [private Docker registries](/docker-in-valohai/private-docker-registries.md) **Security & Credentials:** * Set up [organization-level environment variables](/user-and-organization-management/getting-started/environment-variables.md) for shared secrets * Configure [Single Sign-On](/user-and-organization-management/single-sign-on.md) (Azure AD or Okta) * Review the [Audit Log](/observability/audit-log.md) for compliance tracking ## Access Control Model Valohai uses a three-tier hierarchy: ### Organizations Top-level entities that own: * Compute environments (machine types) * Data stores (S3, Azure Blob, GCS) * Security policies (SSO, 2FA requirements) * Billing settings ### Teams Groups of users within an organization. Teams can: * Own projects collectively * Share environment quotas * Access organization data stores * Map to SSO groups for automatic membership ### Users Individual accounts that can: * Belong to multiple organizations and teams * Own personal projects (if allowed by org policy) * Have organization-level admin privileges ## Common Administrative Tasks ### User Management * [Invite users](/user-and-organization-management/getting-started/invite-users.md) via email * [Create teams](/user-and-organization-management/getting-started/create-teams.md) for department-level access * [Configure SSO](/user-and-organization-management/single-sign-on.md) to automate user provisioning ### Resource Control * [Set team quotas](/user-and-organization-management/environments-and-access-control/team-quotas.md) to limit concurrent machines * [Configure environment scaling](/user-and-organization-management/environments-and-access-control/configure-environments.md) for auto-scaling behavior * [Restrict data stores](/user-and-organization-management/environments-and-access-control/restrict-data-stores.md) to specific teams ### Security & Compliance * [Manage environment variables](/user-and-organization-management/getting-started/environment-variables.md) for secrets * [Review audit logs](/observability/audit-log.md) for activity tracking * [Set up billing](/user-and-organization-management/getting-started/billing.md) and payment methods ## Multi-Organization Workflows Users can belong to multiple organizations simultaneously. This enables: * **Development stages:** Separate organizations for development, staging, and production. * **Departmental isolation:** Different business units with independent budgets and resources. * **Consulting workflows:** Work with multiple clients, each with isolated environments and data. Switch between organizations using the dropdown in the top-right corner. ## Organization Settings Overview Key configuration options in **Settings** tab: **Project Policies:** * Forbid personal projects (require all projects to be org/team-owned) * Disallow public data stores (prevent users from adding public cloud buckets) **Security:** * Require two-factor authentication for all users * Set maximum API token lifetime * Configure default debug ports for SSH access **Defaults:** * Default commit store (where code snapshots are saved) * Default log store (where execution logs are archived)
## Getting Help **Documentation:** Browse guides in this section for detailed setup instructions. **Support:** Contact for SSO configuration, custom integrations, or infrastructure questions. **FAQ:** See [Frequently Asked Questions](/user-and-organization-management/getting-started/faq.md) for common scenarios. ## What's Next? New to Valohai administration? Start here: 1. [Invite your first users](/user-and-organization-management/getting-started/invite-users.md) 2. [Create teams](/user-and-organization-management/getting-started/create-teams.md) for your organization structure 3. [Set up environment variables](/user-and-organization-management/getting-started/environment-variables.md) for shared credentials 4. [Configure team quotas](/user-and-organization-management/environments-and-access-control/team-quotas.md) to control resource usage Already familiar with the basics? Explore advanced topics: * [Azure AD SSO](/user-and-organization-management/single-sign-on/azure-ad.md) — Centralize authentication * [Audit Log](/observability/audit-log.md) — Track all organizational activity * [Environment Scaling](/user-and-organization-management/environments-and-access-control/configure-environments.md) — Fine-tune auto-scaling behavior --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.valohai.com/user-and-organization-management.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.