You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: pages/iam/reference-content/guests-to-members-migration.mdx
+7-3Lines changed: 7 additions & 3 deletions
Original file line number
Diff line number
Diff line change
@@ -18,7 +18,7 @@ This document explains how user management changes with the migration of IAM Gue
18
18
A user (also known as an IAM user) is a human user in an Organization. Three types currently exist:
19
19
20
20
-**Owner**: You are the Owner of the [Organization](#organization) that was created with your account.
21
-
-**Guest**: You are a Guest when invited to another Organization of which you are not the Owner.
21
+
-**Guest**: You are a Guest when invited to another Organization of which you are not the Owner. All guests have a different Scaleway Organization of their own.
22
22
-**Member**: You are a Member when you are added to an Organization by an Owner or user with IAM Manager permissions. Members exist only within the specific Organizations in which they are created.
23
23
24
24
Whereas Owners have full rights and access to all resources and features in their Organization, Guests and Members have only the rights and permissions given to them via [policies](#policy).
@@ -53,7 +53,7 @@ The table below summarizes the key account and access management features that S
53
53
54
54
| Feature | Guests | Members |
55
55
|:--------:|:---------:|:---------:|
56
-
| Login | Guests logged into their own accounts and could access all Organizations they were a part of via the console. |Currently, Members must log into each of their Organizations separately to access them. If they log into an Organization, then want to access a different one using the same email, they must log out of the former first. |
56
+
| Login | Guests logged into their own accounts and could access all Organizations they were a part of via the console. |Members are identified by email address. If you are a Member in more than one Organization with the same email address, you can switch between Organizations. You must perform a first connection as a Member to remain connected and easily switch between Organizations. A first login is required for each device you use to connect to the Scaleway console. You remain logged into each device unless you clear your cookies. |
57
57
| Enforcement of MFA | It was not possible to enforce MFA if a Guest in your Organization had not enabled MFA in their account. Organization admins could send reminder emails, but had to wait for the Guest to enable MFA, or remove them from the Organization to complete the enforce process. | When MFA is enforced in the Organization, Members have a [grace period](iam/concepts/#grace-period) to enable MFA in their accounts. This period is set by the Organization admins and starts as soon as a new Member is added. If they fail to enable MFA within this period, their accounts are locked. |
58
58
| Password renewal | Guests were not required to renew their passwords to stay in an Organization. | As a security measure, Organization admins can require Members to renew their passwords within a grace period. If a password was attributed to Members upon their creation, they must renew this password after their first login. |
59
59
| User management | Guest accounts and personal Organizations could not be managed by anyone other than them. Their permissions on Organizations they were invited to are the prerogative of Organization admins. | Member accounts are a 100% manageable resource - they can be created, updated, locked and deleted by Organization admins. |
@@ -83,4 +83,8 @@ The table below summarizes the key account and access management features that S
83
83
The migration might take up to one minute.
84
84
</Message>
85
85
86
-
You receive an email to confirm the migration. The former Guests, now Members, also receive an email with their credentials instructions on how to log in as a member for the first time.
86
+
You receive an email to confirm the migration. The former Guests, now Members, also receive an email with their credentials instructions on how to log in as a member for the first time.
87
+
88
+
<Messagetype="important">
89
+
If you are a Member in more than one Organization with the same email address, you can switch between Organizations. You must perform a first connection as a Member to remain connected and easily switch between Organizations. A first login is required for each device you use to connect to the Scaleway console. You remain logged into each device unless you clear your cookies.
0 commit comments