# Introduction

User management fulfils enterprise users' multi-role management requirements, by assigning different permissions and projects to different roles. Different personnel can be invited within the enterprise to do detailed management of resources.

# Subaccount System

A sub-account is an account created by an EMQX Cloud user. Subaccounts will be activated after email authentication. An EMQX Cloud user account currently cannot be registered as a subaccount. On the contrary, Subaccount email can be registered as an EMQX Cloud user. Additionally, it can be registered as a subaccount under other EMQX Cloud user account.

Here is the login page for sub-users (for subaccount login only)


# Subaccount Categories

Administrator:Same as the platform account, Administrator have all the access to the platform and is the super administrator in the subaccount system. It is important to note that although functionally equivalent to the platform account, the administrator still belongs to the system of subaccount.

Project Administrator:Project Administrators have permission to view and modify projects and to modify and delete deployments. Project administrator is mainly used for project deployment-related management. For example, an organization needs to have separate cluster management and designate a person as administrator for a certain project. Assigning the project administrators will give them sufficient access instead of full access to the project.

Project User:Project users have permission to view the project, and the permission to view and edit the deployment. Project users are usually business developers. In addition to viewing projects and deployment permissions, they can also view deployment details, use Data Integrations and monitoring, and further process-related business requirements.

Accountant:Accountants have financial management permissions and can view projects and deployments. They can manage the billing, balance, invoices, etc.

Auditor:Auditors can view projects, deployments, sub-users, and Accountants. The audit role addresses the need for internal company audits and can have viewing permissions to various features of the platform. Role list

PermissionsProject AdministratorProject UserAccountantAuditor
DeploymentView deployment list
Create new project in the deployment list
Edit project in the deployment list
Delete project in the deployment list
Create new deployments
Move deployments to other project
Start/Stop the deployment
Delete deployment
Change deployment's name
Change to annual plan
TLS/SSL ConfigurationRead onlyRead only
VPC Connection ConfigurationRead onlyRead only
REST API ConfigurationRead onlyRead only
Certification Authentication ConfigurationRead onlyRead only
Data Integrations ConfigurationRead onlyRead only
MonitoringRead onlyRead only
AlertsRead onlyRead only
Online Debugging
User ManagementView user list
User Management Operation
Project CenterView project list
Create new projects
Delete the project
Edit the project
Project bind subaccount
Financial ManagementView the financial data
Top up/bind credit card
View transaction history
View historical and hourly bills
View Coupons
View Invoices
Apply Invoices
View Invoices Address
Edit Invoices Address