User management — adding users from Entra ID, assigning roles, and managing role assignments
Last updated: March 29, 2026 by Steve
Manage Users
The Manage Users screen lets administrators add users from the organization's Microsoft Entra ID directory and assign them roles in AccessPoint. No separate usernames or passwords are needed — users sign in with their existing Microsoft 365 accounts.
[Screenshot: The user management list showing users with their assigned roles]
Adding a User
- Click Add User.
- Search for the person by name or email address. The search queries your organization's Entra ID directory.
- Select the user from the results.
- Assign one or more roles (see role descriptions below).
- Click Save.
[Screenshot: The Add User dialog showing the search field and role assignment checkboxes]
Changing Roles
To change a user's roles, find them in the user list, click Edit, adjust their role assignments, and save.
Roles
| Role | Description | Sees PII |
|---|---|---|
| Administrator | Configure system settings, manage users, and access all administrative functions | Yes |
| SAO | Manage the full request lifecycle — create, assign, extend, close, and respond to requests | Yes |
| Reviewer | Review and approve documents, apply recommendations and exemptions | Yes |
| Custodian | Collect and submit documents for assigned tasks. Cannot see requestor personal information | No |
| Contributor | Complete tasks within assignments. Cannot see requestor personal information | No |
| Reader | Read-only access to requests and documents. Cannot see requestor personal information | No |
PII Visibility
Roles are divided into those that can see requestor personally identifiable information (PII) and those that cannot. The Custodian, Contributor, and Reader roles are specifically designed for users who need to participate in the process without accessing sensitive requestor details.
Multiple Roles
A user can hold more than one role. Permissions are additive — if a user has both the Reviewer and Custodian roles, they receive the combined permissions of both.