Adding users to the Organization
Giving someone access to an organization always involves two people:
- The requester — the person who wants access.
- The account-admin — an organization member with the
account-adminrole who grants that access.
Method 1: Add a user via their user ID (recommended)
This is the easiest way. The requester already knows their own user ID (the sub field), so they just hand it to the account-admin.
Step 1 — Requester: find your user ID.
sw-paas account whoamiThis prints the sub (subject ID) value. Copy it.
Step 2 — Requester: share the user ID. Send the sub value to the account-admin (chat, email, etc.).
Step 3 — Account-admin: add the user.
sw-paas account user add --sub "<user-id of the new user>"The CLI grants the user access at the chosen level.
Step 4 — Account-admin: confirm it worked.
sw-paas account user listThe new user should appear in the list.
Method 2: Request access via the organization-id
Use this when the requester should ask for access and the account-admin approves it. The requester does not know the organization-id, so the account-admin shares it first.
Step 1 — Account-admin: find and share the organization-id.
sw-paas organization getCopy the organization-id and send it to the requester.
Step 2 — Requester: request access.
sw-paas account user requestThe CLI asks for the organization-id from Step 1.
Step 3 — Account-admin: approve the request.
sw-paas account user requests resolveThe CLI walks you through choosing the pending request and approving it. Once approved, the access is active.
The requester can check the status of their request anytime:
sw-paas account user requests listRemoving a user
To revoke access later, the account-admin runs:
sw-paas account user removeFor more on accounts and roles, see the account guide.
