User Management

The User Management page lets organization admins invite new team members, monitor active and pending users, configure user profiles, and deactivate accounts when needed. Horizon uses Clerk for authentication, so user identity, sign-in methods, and session management are all handled through Clerk’s infrastructure.

Accessing User Management

Navigate to Settings > Users from the Horizon sidebar. You need the Owner, Admin, or Manager role to access this page. Members can view the user list but cannot perform management actions.

User States

Every user in Horizon is in one of the following states:

State	Description
Active	The user has accepted their invitation, set up authentication, and can access Horizon.
Pending	An invitation has been sent but the user has not yet accepted or completed sign-up.
Deactivated	The user has been deactivated by an admin. They cannot sign in but their data and activity history are preserved.

Inviting Users

1. Click Invite Users in the top-right corner of the Users page.
2. Enter one or more email addresses, separated by commas or newlines.
3. Select the role to assign to the invited users (Admin, Manager, or Member). See Roles for details on each role.
4. Optionally, assign the users to one or more departments.
5. Click Send Invitations.

Invited users receive an email with a link to join your Horizon organization. The invitation link expires after 7 days. You can resend or revoke pending invitations from the user list.

Tip

If your organization has a verified domain configured in Organization Settings, users with matching email addresses can join automatically without needing an explicit invitation.

Bulk Invitations

For larger teams, click Import CSV to upload a CSV file with the following columns:

email,role,department
jane@example.com,member,Sales
bob@example.com,manager,Engineering

The import process validates all rows before sending invitations. Invalid rows are flagged and can be corrected before resubmitting.

Viewing and Filtering Users

The user list displays all users with the following columns:

• Name — the user’s display name.
• Email — their registered email address.
• Role — their assigned role (Owner, Admin, Manager, Member, or a custom role).
• Status — Active, Pending, or Deactivated.
• Departments — the departments they belong to.
• Last Active — the date and time of their most recent session.

Use the filter bar at the top of the list to narrow results by:

• Status (Active, Pending, Deactivated)
• Role
• Department
• Search by name or email

User Profiles

Click on any user to view their profile. A user profile includes:

Account Information

• Display name — the name shown throughout Horizon.
• Email address — managed through Clerk. Users can update their email from their personal settings.
• Avatar — pulled from the user’s Clerk profile or uploaded manually.
• Authentication methods — which sign-in methods (email/password, Google, Microsoft, SAML) the user has configured.

Horizon-Specific Settings

• Role — the user’s role in the organization. Admins can change this from the profile page.
• Departments — the departments the user is assigned to. Department membership affects which agents and resources the user can access.
• Notification preferences — the user’s personal notification overrides. See Notifications for details.

Activity Log

The activity log shows the user’s recent actions:

• Sign-in and sign-out events.
• Agent interactions (conversations, task approvals, manual overrides).
• Settings changes.
• API key usage (if any keys are associated with the user).

Note

Activity logs are retained for 90 days. For longer retention, configure an audit log export in your organization settings.

Editing a User

Admins can update the following for any user:

• Role — change the user’s role. Changing a role takes effect immediately and adjusts their permissions across the platform.
• Departments — add or remove department memberships.
• Custom attributes — if your organization uses custom roles with attribute-based access, you can set custom attributes on the user profile.

Caution

You cannot change the Owner’s role. To transfer ownership, use the Transfer Ownership option in Organization Settings.

Deactivating a User

Deactivating a user prevents them from signing in to Horizon without permanently deleting their account or data.

1. Navigate to the user’s profile.
2. Click Deactivate User.
3. Confirm the action in the dialog.

When a user is deactivated:

• Their active sessions are immediately terminated.
• Any API keys created by the user are suspended (not deleted).
• Their conversation history, agent interactions, and activity logs are preserved.
• Their seat is freed up and no longer counts toward your subscription’s user limit.

To reactivate a user, open their profile and click Reactivate. Their previous role, department memberships, and API keys are restored.

Removing a User

To permanently remove a user and disassociate them from your organization:

1. Deactivate the user first.
2. Click Remove from Organization on their profile.

Danger

Removing a user is permanent. Their personal data is deleted from your organization, though their Clerk identity persists independently. Conversation history involving the user is retained but attributed to “Removed User.”

Clerk Integration Details

Horizon delegates all authentication to Clerk. This means:

• Password resets are handled by Clerk’s self-service flow. Users click “Forgot password” on the sign-in page.
• Multi-factor authentication (MFA) can be enforced at the organization level through Clerk’s dashboard. When enabled, all users must set up MFA on their next sign-in.
• Session tokens are JWTs issued by Clerk and validated by the Horizon backend on every API call.

For advanced Clerk configuration (custom sign-in pages, webhook events, SSO provider setup), refer to the Clerk dashboard linked from Settings > Organization > Authentication.