Skip to main content
Key Takeaways:
  • Users are individuals invited to your Dfns organization.
  • Roles are collections of permissions that define what a user can see and do.
  • Best Practice: Grant users the minimum permissions necessary for their job (principle of least privilege).

Managing Users

You can easily invite new team members to your Dfns organization and manage their access directly from the dashboard.

Inviting a New User

To add a new member to your team:
  1. Navigate to Users.
  2. Click the Invite User button in the top-right corner.
  3. Enter the user’s email address.
  4. Click Create.
The user will receive an email invitation to join your Dfns organization. They are created without any role or permission, so they cannot see or do anything. You should then assign roles to them to grant them permissions.

Deactivating a User

If a team member no longer requires access, you can deactivate their account. Deactivating a user immediately revokes their access to the Dfns dashboard and their ability to use API credentials associated with them.
  1. Navigate to Users.
  2. Find the user you wish to remove in the list.
  3. Click the icon.

Managing Roles

Roles allow you to define granular permissions and apply them consistently to different users. This approach simplifies access management and enhances security.

Creating a custom role

Dfns provides default roles like ManagedFullAdminAccess (which is applied when you set someone as an Admin), but we highly recommend creating custom roles tailored to your team’s specific responsibilities.
  1. Navigate to Org > Permissions.
  2. Click Create Role.
  3. Give the role a descriptive Name (e.g., “Approver”, “Auditor”, “Transaction Operator”).
  4. Select the specific Permissions you want to include. Each permission is broken down by action (Create, Read, Update) and resource (Wallets, Policies, etc.).
  5. Click Create to save the new role.

Assigning roles to users

You can assign or change a user’s roles at any time.
  1. Navigate to Users.
  2. Click on the user you wish to edit.
  3. In the Roles section, click Add Role to assign a role, or remove existing ones.
  4. Changes are saved automatically.

Recommendations & Best Practices

Adhering to the principle of least privilege is crucial for security. Each user should only have the roles essential to perform their duties. Avoid using the broad Admin role for daily operations. See an example with an “Approver” role in the Permission-Based Access Control tutorial.
Last modified on February 6, 2026