Users are automatically synchronized from your Identity Provider and cannot be modified in the Twingate Admin Console. Any changes to users—for example, creation or deactivation—are received directly from your configured IdP via SCIM and will update Twingate immediately.
When added to Twingate, all users only have access to the "Everyone" group, and unless Resource(s) are added either to the Everyone group, or users are specifically assigned to a Group, users will not have access to any Twingate Resources.
You are only billed for the number of users seats you have paid for, not for the total number of synchronized users.
Twingate supports three admin roles, each providing different levels of write capabilities across the Twingate Admin Console.
- Admin users have full read and write capabilities across the entire Admin Console.
- DevOps users have read and write capabilities in the Network tab of the Admin Console. Permissions are read-only on all other sections of the Admin Console.
- Support users have read-only access across the entire Admin Console.
For more information, see the Admins page, which describes the different admin roles in detail and how to assign roles to users.
Updated 4 days ago