# Buildkite User Management Documentation

> Buildkite documentation for user and team management, covering permissions, SSO providers, two-factor authentication, audit logging, API token management, and system banners.

## Pipelines

### Security

- [Permissions](https://buildkite.com/docs/pipelines/security/permissions.md): Configuring user, team, and pipeline permissions at organization, team, and pipeline levels.

## Test Engine

- [Permissions](https://buildkite.com/docs/test-engine/permissions.md): Team-based permissions for test suites at organization and suite levels, including security settings.

## Package Registries

### Security

- [Permissions](https://buildkite.com/docs/package-registries/security/permissions.md): Team-based access permissions for registries at organization and registry levels, including enabling the feature.

## Platform

### Team management

- [Overview](https://buildkite.com/docs/platform/team-management.md): Overview of team management features: permissions, 2FA enforcement, system banners, and API token management.
- [User and team permissions](https://buildkite.com/docs/platform/team-management/permissions.md): Configuring user and team permissions at organization, team, pipeline, suite, and registry levels.
- [Enforce 2FA](https://buildkite.com/docs/platform/team-management/enforce-2fa.md): Enforcing two-factor authentication for all users in a Buildkite organization.
- [System banners](https://buildkite.com/docs/platform/team-management/system-banners.md): Creating organization-wide announcement banners visible to all members (Enterprise plan).
- [Inactive user list](https://buildkite.com/docs/platform/team-management/inactive-user-list.md): Identifying and managing inactive organization members using the Buildkite UI or GraphQL API.

### Tutorials

- [Two-factor authentication (2FA)](https://buildkite.com/docs/platform/tutorials/2fa.md): Step-by-step guide to enabling two-factor authentication on your Buildkite account.
- [Audit log](https://buildkite.com/docs/platform/audit-log.md): Viewing and exporting organization activity events in the audit log (Enterprise plan).

### SSO

- [Overview](https://buildkite.com/docs/platform/sso.md): Overview of SSO support, listing providers (Okta, ADFS, GitHub, Google, Azure AD, OneLogin, custom SAML).
- [Okta](https://buildkite.com/docs/platform/sso/okta.md): Configuring Okta as an SSO provider with SAML and optional SCIM user provisioning.
- [ADFS](https://buildkite.com/docs/platform/sso/adfs.md): Step-by-step setup of Active Directory Federation Services (ADFS) as an SSO provider.
- [Google Workspace](https://buildkite.com/docs/platform/sso/google-workspace.md): Setting up Google Workspace (G Suite) as an SSO provider using OpenID.
- [Google Workspace (SAML)](https://buildkite.com/docs/platform/sso/google-workspace-saml.md): Setting up Google Workspace as an SSO provider using SAML instead of OpenID.
- [GitHub](https://buildkite.com/docs/platform/sso/github-sso.md): Configuring GitHub as an SSO provider for your Buildkite organization.
- [OneLogin](https://buildkite.com/docs/platform/sso/onelogin.md): Step-by-step setup of OneLogin as an SSO provider.
- [Azure AD](https://buildkite.com/docs/platform/sso/azure-ad.md): Configuring Microsoft Entra ID (Azure AD) as an SSO provider using custom SAML.
- [Custom SAML](https://buildkite.com/docs/platform/sso/custom-saml.md): Setting up any SAML 2.0 identity provider as an SSO provider for Buildkite.
- [Set up with GraphQL](https://buildkite.com/docs/platform/sso/sso-setup-with-graphql.md): Programmatically setting up SSO providers using the GraphQL API.

### Security

- [Token security](https://buildkite.com/docs/platform/security/tokens.md): Buildkite token types (API, agent, registry) and GitHub secret scanning integration.

## APIs

- [Managing API access tokens](https://buildkite.com/docs/apis/managing-api-tokens.md): Creating, editing, auditing, and securing API access tokens with scopes and IP restrictions.

## See also

- [Buildkite Security Documentation](https://buildkite.com/docs/llms-security.txt): Buildkite documentation for security, including secrets management, OIDC, clusters, permissions, SSO, agent security, signed pipelines, and security best practices.
- [Buildkite Governance Documentation](https://buildkite.com/docs/llms-governance.txt): Buildkite documentation for governance and compliance, including pipeline templates, build exports, audit logging, team management, and platform controls.