Summary and recommendation
Axure RP user management can be run manually, but complexity usually increases with role models, licensing gates, and offboarding dependencies. This guide gives the exact mechanics and where automation has the biggest impact.
Axure Cloud for Business uses a two-layer, role-based permission model. At the organization level, each user holds one of five fixed system roles (Guest, Member, Admin, Technical Admin, or Super Admin). At the workspace level, permissions (Admin, Can edit, View only) are set per user per workspace.
There are no custom roles on any plan.
User management lives in two separate portals: Axure Cloud for Business (app.axure.cloud) for organization membership and roles, and the Axure License Portal (app.axure.com) for subscription seat assignment. Every app in your stack that touches identity will require its own offboarding step - Axure requires two.
Quick facts
| Admin console path | Sidebar → Options button (•••) to the right of the organization → Organization settings and members → Members page |
| Admin console URL | Official docs |
| SCIM available | No |
| SCIM tier required | Business/Enterprise |
| SSO prerequisite | No |
User types and roles
| Role | Permissions | Cannot do | Plan required | Seat cost | Watch out for |
|---|---|---|---|---|---|
| Super Admin (Cloud for Business) | Full control over all user accounts, organization settings, SAML/SSO configuration, and all workspace and project actions. Can do everything all other roles can do. | Cannot have more than one Super Admin per server/organization. Cannot transfer Super Admin status without leaving the organization and designating a replacement. | Axure Cloud for Business (private instance or on-premises) | Counts as one seat | There can be only one Super Admin account per server. Created during initial Axure Cloud for Business setup. |
| Technical Admin (Cloud for Business) | Handles technical setup and configuration of the private instance or on-premises server. Can do everything Admins can do plus server-level configuration. Can create other Admin users. | Cannot create projects or workspaces; cannot invite collaborators to workspaces. | Axure Cloud for Business (private instance or on-premises) | Does not count toward the monthly user cap | Only Super Admin or another Technical Admin can assign the Technical Admin role. Technical Admins are exempt from seat counts precisely because they lack project/workspace creation rights. |
| Admin (Cloud for Business) | Can do everything Members can do, plus create and manage Guest, Member, and other Admin accounts. Automatically has Admin-level access in every workspace they join. | Cannot create other Admin accounts unless they are a Technical Admin or Super Admin. | Axure Cloud for Business (private instance or on-premises) | Counts as one seat | Only Super Admin and Technical Admins can create Admin users. |
| Member (Cloud for Business) | Can do everything Guests can do, plus create new workspaces, invite other users to workspaces, and browse/join any workspace within the organization. | Cannot manage other members (add, deactivate, or change roles of other users). | Axure Cloud for Business (private instance or on-premises) | Counts as one seat | Members can browse and join any non-invite-only workspace in the organization, which may expose projects unintentionally if workspaces are not set to invite-only. |
| Guest (Cloud for Business) | Can only access workspaces they have been explicitly invited to. Can be granted Can edit or View only permissions within those workspaces. | Cannot browse or join workspaces they have not been invited to. Cannot create workspaces. | Axure Cloud for Business (private instance or on-premises) | Counts as one seat if set as Publisher/Author; free if View only | Guests can still be given edit access to specific workspaces; their restricted access is at the organization browse level, not the workspace permission level. |
| Publisher (Axure RP role, within Cloud for Business) | Can publish prototypes from Axure RP to the Axure Cloud for Business server. | Cannot publish without occupying an Axure Cloud for Business seat or holding an Axure RP Enterprise subscription. | Axure Cloud for Business seat OR Axure RP Enterprise subscription | Requires a paid seat or Enterprise subscription | New accounts added to Axure Cloud for Business start on a publishing trial, allowing publishing without a seat temporarily. A seat or Enterprise subscription is required for ongoing publishing. |
| Viewer (Axure RP role, within Cloud for Business) | Can view and inspect published prototypes. Can open whiteboards and documents shared with them. | Cannot publish prototypes, create new whiteboards/documents, or make edits. | Axure Cloud for Business (any tier) | Does not require a paid publisher seat | |
| Author (Cloud role, within Cloud for Business) | Can create new whiteboards and documents, and edit any existing whiteboards and documents they have access to within the organization. | Cannot perform admin-level user management. | Axure Cloud for Business (any tier) | Counts as one seat | |
| Owner (Axure License Portal) | Responsible for subscription billing, can access receipts, and make changes to the subscription's product edition and billing term. | Cannot assign/unassign subscriptions to end-users directly (that is a Manager action, though the same person can hold both roles). | Any Axure RP subscription (Pro, Team, or Enterprise) | N/A - administrative role in the License Portal, not a Cloud seat | If a subscription was purchased via purchase order or invoice, certain actions (transferring ownership, changing billing term, changing edition) must be handled by Axure's sales operations team via sales@axure.com. |
| Manager (Axure License Portal) | Can assign and unassign Axure RP subscriptions to end-users, and add or remove other managers. | Cannot change billing terms or product edition (Owner-only actions). | Any Axure RP subscription (Pro, Team, or Enterprise) | N/A - administrative role in the License Portal, not a Cloud seat | Multiple managers can be added to a subscription group. Managers are managed per-subscription via the kebab menu in the Manage products tab. |
Permission model
- Model type: role-based
- Description: Axure Cloud for Business uses a two-layer role-based model. At the organization level, users are assigned a system role (Guest, Member, Admin, Technical Admin, or Super Admin) that controls organization-wide access and user management capabilities. At the workspace level, users are assigned a workspace permission (Admin, Can edit, or View only) that controls access to specific projects. Additionally, each user has an Axure RP role (Publisher or Viewer) controlling publishing rights, and a Cloud role (Author or Viewer) controlling whiteboard/document creation. The Axure License Portal uses a separate three-role model (Owner, Manager, Assigned User) for subscription seat management.
- Custom roles: No
- Custom roles plan: Not documented
- Granularity: Organization-level system roles are fixed (no custom roles). Workspace-level permissions are set per-user per-workspace (Admin, Can edit, View only). Bulk role changes are supported via checkboxes on the Members page.
How to add users
- Sign in to an Admin, Technical Admin, or Super Admin account on Axure Cloud for Business.
- In the sidebar, click the Options button (•••) to the right of the organization name.
- Select 'Organization settings and members' from the context menu.
- On the Members page, click 'Add members' at the top-right.
- In the Add members dialog, enter the email address(es) of one or more teammates.
- If SAML SSO is configured, optionally check 'Use SSO' to require SAML authentication for the new accounts.
- For on-premises installations, set a password in the Password field; optionally check 'Require password reset on next login'.
- Select the System role (Guest, Member, or Admin), the Axure RP role (Publisher or Viewer), and the Cloud role (Author or Viewer).
- Click 'Add members' to create the accounts.
- For Axure RP seat assignment (separate from Cloud access): sign in to the Axure License Portal at https://app.axure.com, go to the Manage products tab, click the 'Unassigned' link next to the relevant subscription, enter the assignee's email address, and click Assign.
Required fields: Email address of the new user, System role (Guest, Member, or Admin), Axure RP role (Publisher or Viewer), Cloud role (Author or Viewer), Password (on-premises only; private instance users receive an email to set their own password)
Watch out for:
- New users added to Axure Cloud for Business start on a publishing trial and can publish without a seat temporarily; a paid seat or Axure RP Enterprise subscription is required for ongoing publishing.
- Users need a separate public Axure Cloud account (in addition to their Axure Cloud for Business account) to activate their Axure RP subscription.
- Only Super Admin and Technical Admins can create Admin-level accounts.
- Bulk role changes are possible by selecting multiple checkboxes on the Members page and using the 'Set role' options at the bottom.
- SAML must be configured by the Super Admin or Technical Admin before the 'Use SSO' option appears in the Add members dialog.
- Axure RP Enterprise Edition users can be flagged so they do not count toward the Axure Cloud for Business monthly user cap (legacy on-premises behavior).
| Bulk option | Availability | Notes |
|---|---|---|
| CSV import | No | Not documented |
| Domain whitelisting | No | Automatic domain-based user add |
| IdP provisioning | No | Not documented |
How to remove or deactivate users
- Can delete users: No
- Delete/deactivate behavior: Axure Cloud for Business does not offer a permanent delete action for individual user accounts from the Members page. The supported action is Deactivate (current UI) or Disable (legacy on-premises UI), which prevents the user from signing in or publishing but preserves their account record. Deactivated accounts can be reactivated at any time. Organization deletion (Super Admin only) permanently deletes all workspaces, projects, and disbands all users, but this is an org-level action, not a per-user delete.
- Sign in to an Admin, Technical Admin, or Super Admin account.
- Navigate to the Members page via sidebar → Options (•••) → Organization settings and members.
- Locate the user to deactivate in the members table.
- Click the Options button (•••) in the far-right column of that user's row.
- Select 'Deactivate' from the context menu.
- In the confirmation dialog, click 'Deactivate' to confirm.
- To reactivate, select the 'Deactivated' tab on the Members page, locate the user, and use the ••• menu to activate.
| Data impact | Behavior |
|---|---|
| Owned records | No official documentation specifies what happens to projects or workspaces owned by a deactivated user. Projects published to Axure Cloud remain accessible to other workspace members with appropriate permissions. |
| Shared content | Shared prototypes and workspace content remain accessible to other users with workspace access after a user is deactivated. |
| Integrations | No official documentation specifies impact on third-party integrations (Slack, Teams, Jira) tied to a deactivated user's account. |
| License freed | Deactivating a user in Axure Cloud for Business frees their seat from the organization's user cap. For Axure RP subscription seats, the seat must be separately unassigned in the Axure License Portal via the kebab menu → Assign → Unassign. |
Watch out for:
- Deactivation in Axure Cloud for Business and unassignment in the Axure License Portal are two separate actions; deactivating a Cloud account does not automatically unassign the Axure RP subscription seat.
- Deactivated accounts are preserved and can be reactivated; there is no permanent per-user delete from the Members page.
- The Super Admin cannot be deactivated without first transferring Super Admin status to another member.
License and seat management
| Seat type | Includes | Cost |
|---|---|---|
| Axure RP Pro (subscription) | Single-user Axure RP desktop application license. No team project or Axure Cloud for Business features. | $29/user/month (annual) or $34/user/month (monthly) |
| Axure RP Team (subscription) | Axure RP desktop application with team project collaboration and Axure Cloud access. | $49/user/month (annual) or $57/user/month (monthly) |
| Axure RP Enterprise (subscription) | Axure RP desktop application with all Team features plus Axure Cloud for Business private instance access, SAML SSO, and on-premises options. Enterprise users do not count toward the Axure Cloud for Business monthly user cap. | Custom pricing - contact sales@axure.com |
| Axure Cloud for Business seat (Publisher) | Allows a non-Enterprise user to publish prototypes to an Axure Cloud for Business private instance or on-premises server. | Included as part of Axure Cloud for Business subscription; specific per-seat pricing requires contacting Axure sales |
| Axure Cloud for Business seat (Viewer/Guest) | View-only access to published prototypes and shared content. Does not require a publisher seat. | No additional seat cost for view-only access |
- Where to check usage: Axure License Portal (https://app.axure.com) → Manage products tab: shows all subscriptions with assigned/unassigned status. Axure Cloud for Business Members page (sidebar → ••• → Organization settings and members) shows active vs. deactivated members and their roles.
- How to identify unused seats: In the Axure License Portal, subscriptions with no assigned user display as 'Unassigned' in the Manage products tab. In Axure Cloud for Business, the Members page shows active accounts; the Deactivated tab shows inactive accounts. No built-in last-login or usage analytics report is documented in official docs.
- Billing notes: Upgrades to a higher edition take effect immediately and are charged a prorated amount for the remainder of the current term. Downgrades are applied after the current term ends with no immediate charge. Subscriptions purchased via purchase order or invoice require contacting sales@axure.com for edition changes, billing term changes, or ownership transfers. New subscriptions can be co-termed with existing subscriptions by adding them to an existing subscription group at checkout (prorated billing applies).
The cost of manual management
Axure has no native SCIM and no domain-based auto-provisioning for cloud instances. Every user must be invited manually by email, one batch at a time, with no CSV import path documented.
Offboarding is a two-step process by design: deactivating a user in Axure Cloud for Business does not unassign their RP subscription seat in the License Portal. Admins must complete both actions independently to fully remove access and reclaim the seat.
There is also a two-account requirement - new users need a separate public Axure Cloud account in addition to their Cloud for Business account to activate their RP subscription. This adds friction to every onboarding cycle.
What IT admins are saying
The most consistent friction point reported is the split between the Cloud for Business Members page and the License Portal - two separate admin surfaces that do not sync.
Admins managing departing employees must remember to act in both places or risk leaving active subscription seats assigned to inactive users.
LDAP and Active Directory integration is restricted to on-premises deployments only; cloud-hosted private instances support SAML but not directory sync. Teams on cloud plans have no automated provisioning path available at any tier.
Common complaints:
- No SCIM for automated provisioning - user lifecycle management (onboarding/offboarding) must be performed manually in both the Axure Cloud for Business Members page and the Axure License Portal separately.
- LDAP/AD integration is limited to on-premises deployments only; cloud-hosted private instances support SAML only.
- Deactivating a user in Axure Cloud for Business does not automatically unassign their Axure RP subscription seat in the License Portal - admins must perform two separate actions to fully offboard a user.
- No bulk CSV import for user provisioning; users must be added individually or in small batches by email address.
- No domain-based auto-provisioning (whitelisting) for cloud instances; all users must be manually invited.
- The two-account requirement (separate public Axure Cloud account plus Axure Cloud for Business account) adds friction for new user onboarding.
- No documented last-login or seat utilization reporting, making it difficult to identify unused licenses without manual review.
The decision
Axure Cloud for Business is appropriate for design teams that need prototype collaboration and can tolerate fully manual user lifecycle management.
SAML SSO (Okta, Azure AD) is available on Business and Enterprise plans and reduces login friction, but it does not automate provisioning or deprovisioning - users still require manual addition and removal in the admin UI.
Enterprise plan users do not count toward the Cloud for Business monthly user cap, which matters for large orgs mixing RP Enterprise subscribers with Cloud-only collaborators. If automated provisioning is a hard requirement, Axure does not meet it on any current plan.
Bottom line
Axure Cloud for Business requires fully manual user lifecycle management across two separate admin portals - there is no SCIM, no CSV import, and no domain auto-provisioning on any plan.
Every app in your environment that requires clean offboarding will surface this gap: deactivating a user in Cloud for Business does not release their License Portal seat, so both steps must be tracked and executed independently.
Teams with high user turnover or compliance requirements around access revocation should factor this operational overhead into their tooling decisions.
Automate Axure RP workflows without one-off scripts
Stitchflow builds and maintains identity workflows for your exact setup. We cover every app, including the ones without APIs, and run deterministic trigger-to-report workflows with human approvals where they matter.
