Managing the users in your organisation

User management and permissioning is for inviting new users, deprecating old accounts, and allocating roles on the Demyst platform. It is controlled by an organization's Admins.

User Management Portal

The Demyst user management portal is located at

The portal lists all of the users signed up in an organisation, showing who is "Active" (in bold), who has been "Deactivated" (greyed out and italicized), and the users' last login dates.

Note that "Active" users can sign in to the platform, while "Deactivated" users are totally blocked from access.

User Invitations

Admins can invite new users with the "Invite Teammates" button In the upper right-hand corner of the user management portal. Invitations can be issued through the form on the popup modal or by copying an invitation link and sending that directly to a colleague.

Role-Based Abilities

Admins can use the dropdown menu in the user management portal to change another user's role — roles dictate what actions are available. User management activity and API Key management are exclusively available to the Admin role.

Although most organisations only need Users and Admins, an example of a more extensive permissions structure is shown above. Enterprise organisations can work with Demyst to deploy the structure that best fits their needs.

Users can reset their own passwords in their portal by using "Forgot Password" on the login page.

Demyst also supports resetting passwords through our RESTful APIs. You may view the swagger documentation here:, under /users/password.

Step 1 - Generate JWT using existing username and pass

curl --location '<'>  
--header 'Content-Type: application/json'  
--data '{  
    "email_address": "{replace with username}",  
    "password": "{replace with password}"  

Step 2 - Use the generated JWT token as the Authorization, and your current password, to reset or update it:

curl --location --request PUT '' \
--header 'Authorization: Bearer $JWT_TOKEN' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
    "user": {
        "current_password": "{replace with OLD password}",
        "password": "{replace with new password}",
        "password_confirmation": "{replace with new password}"

Upon success, you will receive the following response:

    "response": {
        "message": "successfully updated"