Skip to main content

Organization

The Hyperstack organization feature is designed to efficiently manage your team members and their access to resources. When you sign up for a Hyperstack account, you automatically become the owner of an organization under your name, allowing you to invite members to join. You can manage resource access for team members using the user role system, which lets you grant specific permissions for each resource.

Additionally, please note that resource costs and billing are associated with the account of the organization. Therefore, resources created by all users within your organization will be billed to your organization's account.

In this article


User account types

When you create a new Hyperstack account, you automatically become the owner of your organization, granting you unrestricted permissions and the ability to invite new members. By default, new users you invite will be assigned a member account type without any resource action permissions. To learn how to grant permissions to organization members, click here.

A Hyperstack account can only belong to one organization at a time. To transfer an account to another organization or change ownership, please contact our technical support team at [email protected] for assistance.

Invite members to your organization

To invite a member to your organization, follow the steps below:

  1. In Hyperstack, navigate to the 'My Organization' tab near the bottom of the left sidebar.

  2. Click the Invite user to join organization button.

  3. In the Invite user modal window, enter the email of the user you are inviting and click Send invite.

  4. View the status of the invitation by clicking on the Pending requests tab. You can also delete invitations by hovering over the under the Actions header and clicking Cancel invitation.

An invitation email with a signup link will be sent to the recipient. They simply need to create a Hyperstack account and log in to automatically become a member of your organization.


User roles

Hyperstack's Role-Based Access Control (RBAC) system enables you to create user roles that specify the level of access each member has. A user role consists of permissions and policies that have been added to it. Policies grant access to groups of permissions for common use cases, such as "AllPermissions," which provides full access to all resource actions within Hyperstack. Permissions grant access to individual resource actions, such as "virtual-machine-create," which allows a member to create a virtual machine.

Create a user role

Here's how to create a custom user role and manage resource access effectively:

  1. In Hyperstack, navigate to the My Organization tab near the bottom of the left sidebar.

  2. In the top left of the organization window, click Create a new User Role.

  3. Name the user role and select the policies and permissions corresponding to the resource actions you wish to grant the user.

    a. Policies: Grant access to groups of permissions for common use cases, such as "AllPermissions," which grants full access to all resource actions within Hyperstack.

    b. Permissions: Grant access to individual resource actions, such as "virtual-machine-create", which grants a member the permission to create a virtual machine.

  4. After selecting the desired policies and permissions, click Create Role.

  5. To view your new user role, navigate back to the My Organization page and click View User Roles in the top left corner.

  6. From this page, you can edit or delete existing user roles.

The user role demonstrated in the video above grants a user access to all resource actions within Hyperstack.

Assign user role to organization member

  1. Navigate to the My Organization page located near the bottom of the left sidebar.

  2. Under the Roles header, click the "" next to the member you want to assign the role to. Select the desired role and click the Assign role button.


Manage email notifications

Organization owners can manage email notifications that alert them when their account balance reaches a specified threshold to ensure resources remain active. Notifications are automatically sent when the remaining credit, calculated against current resource usage, corresponds to approximately 48, 24, 12, and 6 hours of usage left.

To access credit limit email notification settings:

  1. Navigate to the Account Details page by selecting My Account from the left sidebar, then choose Settings.

    Email Notifications

  2. Use the STATE toggle to enable or disable the email notifications as needed.

    Email Notifications 3

    Once disabled, credit balance warning notifications will no longer be sent to your email. You can re-enable these notifications at any time by toggling the STATE switch again.


Organization management APIs

See below for a list of APIs that provide control over your organization, including member invitations and user access permissions.

Core APIs

APIs to obtain and change details about your organization.

Endpoint NameURLDescription
Retrieve organization detailsGET /auth/organizationsRetrieves details about your organization and its members.
Remove organization member /auth/organizations/remove-memberRemoves a member from your organization.
Change organization namePUT /auth/organizations/updateChanges the name of your organization.

Member invitation APIs

APIs for managing organization member invitations.

Endpoint NameURLDescription
Invite organization member /auth/invitesInvites a member to your organization.
List organization invitationsGET /auth/invitesRetrieves a list of organization invitations.
Delete organization invitationsDELETE /auth/invites/{id}Deletes an organization invitation.

User role APIs

APIs for managing user roles, enabling the assignment of pre-configured sets of resource access permissions and policies to users within your organization.

Endpoint NameURLDescription
List RBAC rolesGET /auth/rolesReturns a list of existing RBAC roles.
Create RBAC role /auth/rolesCreates an RBAC role.
Retrieve RBAC role detailsGET /auth/roles/{id}Retrieves the details of an existing RBAC role.
Update RBAC rolePUT /auth/roles/{id}Modifies an RBAC role.
Delete RBAC roleDELETE /auth/roles/{id}Deletes an RBAC role.
Assign RBAC role to organization memberPUT /auth/users/{user_id}/assign-rolesAssigns an RBAC role to a member of your organization, granting them the specified permissions and policies.
Revoke RBAC role from organization memberDELETE /auth/users/{user_id}/rolesRemoves an RBAC role from a member of your organization, revoking the specified permissions and policies.

Permissions and policies APIs

APIs for obtaining permissions/policies information.

Endpoint NameURLDescription
List permissionsGET /auth/permissionsLists permissions that can be added to user roles.
List PoliciesGET /auth/policiesReturns a list of policies that can be added to user roles.
List my permissionsGET /auth/users/me/permissionsRetrieves a list of permissions assigned to your account.
List user permissionsGET /auth/users/{id}/permissionsRetrieves a list of permissions assinged to a user.

Manage user role APIs

APIs for managing the user roles assigned to members within your organization, enabling you to control resource access for your users.

Endpoint NameURLDescription
Assign RBAC role to organization memberPUT /auth/users/{user_id}/assign-rolesAssigns an RBAC role to a member of your organization, granting them the specified permissions and policies.
Revoke RBAC role from organization memberDELETE /auth/users/{user_id}/rolesRemoves an RBAC role from a member of your organization, revoking the specified permissions and policies.

Back to top