Summary and recommendation
Concord user management can be run manually, but complexity usually increases with role models, licensing gates, and offboarding dependencies. This guide gives the exact mechanics and where automation has the biggest impact.
Concord is a contract lifecycle management (CLM) platform with a role-based permission model covering three user types: Account Admin, Standard User (Member), and Guest (External Signer). User management lives entirely in Settings → Users & Permissions at app.getconcord.com/settings/users, accessible only to Account Admins.
There is no secondary admin tier, no custom roles, and no field-level permission granularity documented.
Access is controlled at two levels: account-level role assignment and workspace membership. A Standard User assigned to no workspace will have no document visibility until manually added. Guests are free and unlimited across all plans, but their access is scoped to a single shared document and they hold no persistent account login.
Quick facts
| Admin console path | Settings → Users & Permissions (accessible to Account Admins only) |
| Admin console URL | Official docs |
| SCIM available | No |
| SCIM tier required | Starting at $399/month |
| SSO prerequisite | No |
User types and roles
| Role | Permissions | Cannot do | Plan required | Seat cost | Watch out for |
|---|---|---|---|---|---|
| Account Admin | Full account control: invite/remove users, manage roles and permissions, configure SSO/MFA, manage billing, access all documents and templates, manage integrations. | All plans (Essentials, Business, Enterprise) | Counts as a paid seat; Essentials ~$39–$49/user/month, Business ~$54/user/month (annual billing) | Only Account Admins can manage user roles and account-level settings; there is no secondary admin tier documented. | |
| Standard User (Member) | Create, edit, send, and sign contracts; access shared workspaces and templates; collaborate on documents per workspace permissions. | Cannot manage account settings, billing, or other users; cannot configure SSO or integrations. | All plans | Counts as a paid seat; Essentials ~$39–$49/user/month, Business ~$54/user/month (annual billing) | Document-level access is further controlled by workspace membership and document sharing settings, so a Standard User may not see all contracts by default. |
| Guest (External Viewer/Signer) | View and sign documents they are explicitly invited to; limited to the specific document shared with them. | Cannot create contracts, access workspaces, use templates, or see any other account content. | All plans | Free; does not consume a paid seat | Guests are external counterparties or reviewers only. They do not have a persistent login to the Concord account; access is document-scoped. |
Permission model
- Model type: role-based
- Description: Concord uses a role-based model with account-level roles (Admin, Standard User, Guest) combined with workspace-level access controls. Workspace membership determines which contracts and templates a user can see and edit within the account.
- Custom roles: No
- Custom roles plan: Not documented
- Granularity: Two levels: account-level role assignment and workspace-level membership. Document sharing can be further restricted per document. No field-level or custom-role granularity documented.
How to add users
- Log in as an Account Admin.
- Navigate to Settings → Users & Permissions.
- Click 'Invite Users' or 'Add User'.
- Enter the invitee's email address.
- Select the role (Admin or Standard User).
- Optionally assign the user to one or more workspaces.
- Click 'Send Invitation'. The invitee receives an email to accept and set a password.
Required fields: Email address, Role selection (Admin or Standard User)
Watch out for:
- Invitations must be accepted by the recipient before the user appears as active; pending invitations still consume a seat allocation on some plans.
- Workspace assignment at invite time is optional but recommended; users not added to a workspace will have no document access until assigned.
- SSO-enabled accounts may require users to authenticate via the configured IdP on first login rather than setting a Concord password.
| Bulk option | Availability | Notes |
|---|---|---|
| CSV import | No | Not documented |
| Domain whitelisting | No | Automatic domain-based user add |
| IdP provisioning | Yes | SSO is documented as available on Business and Enterprise plans; IdP-based provisioning (Okta, Entra ID) is available where SSO is configured, but automated SCIM provisioning is not documented. |
How to remove or deactivate users
- Can delete users: No
- Delete/deactivate behavior: Concord's documented approach is to deactivate (remove) a user from the account, which revokes their access. Full deletion of the user record is not documented as a self-serve option. Contracts and documents the user created or participated in are retained.
- Log in as an Account Admin.
- Navigate to Settings → Users & Permissions.
- Locate the user in the member list.
- Click the options menu (three dots or 'Remove') next to the user.
- Confirm removal. The user loses account access immediately.
| Data impact | Behavior |
|---|---|
| Owned records | Contracts and documents created by the removed user remain in the account and are accessible to Admins and workspace members. Ownership is not automatically transferred. |
| Shared content | Shared workspaces and documents the user was a member of remain intact; the user is simply removed from access lists. |
| Integrations | Any personal integration tokens or connected accounts for that user (e.g., Salesforce, Slack) may be disconnected; account-level integrations are unaffected. |
| License freed | The seat is freed upon removal and the count against the plan's user limit decreases. Billing adjustments depend on the billing cycle and plan terms. |
Watch out for:
- There is no documented automatic reassignment of owned contracts to another user; Admins should manually reassign or verify document ownership before removing a user.
- Removing the only Account Admin locks administrative access; ensure at least one other Admin exists before removal.
- Deactivated users are not listed in a separate 'deactivated' view per available documentation; recovery may require contacting Concord support.
License and seat management
| Seat type | Includes | Cost |
|---|---|---|
| Paid Seat (Admin or Standard User) | Full contract creation, editing, sending, signing, workspace access, and collaboration features per plan tier. | Essentials: ~$39–$49/user/month (annual); Business: ~$54/user/month (annual); Enterprise: custom pricing. Base plans include 5 users (Essentials) or a negotiated minimum (Enterprise). |
| Guest / External Signer | View and sign specific documents shared with them. No workspace or account access. | Free; unlimited guests included on all plans. |
- Where to check usage: Settings → Users & Permissions (shows active user count and pending invitations)
- How to identify unused seats: No automated last-login or activity report is documented in the help center. Admins must manually review the user list for inactive accounts; no built-in 'unused seat' detection is documented.
- Billing notes: Annual billing is the primary model. The Essentials plan starts at $399/month (includes 5 users); Business at $699/month. Additional users are billed per seat per month on top of the base price. Unlimited eSignatures are included on all plans. No setup or onboarding fees documented. Mid-cycle seat additions may be prorated; reductions typically take effect at renewal.
The cost of manual management
Every app in your stack that lacks automated provisioning adds recurring admin overhead, and Concord is no exception. Invitations must be manually sent per user, workspace assignment is a separate step, and there is no built-in last-login or activity report to surface unused seats.
Removing a user does not trigger automatic contract reassignment. Admins must manually audit document ownership before offboarding, or risk orphaned contracts with no clear owner. Identifying inactive paid seats requires a manual review of the user list, since no 'unused seat' detection is documented in the help center.
The Essentials plan starts at $399/month (5 users included) with additional seats at approximately $39–$49/user/month on annual billing. The Business plan is $699/month with seats at approximately $54/user/month. Mid-cycle seat additions may be prorated; reductions typically take effect at renewal.
What IT admins are saying
G2 reviewers flag that the workspace and permissions model can be disorienting for new admins, particularly around document visibility defaults for newly invited users.
The absence of a prompt to reassign contracts during user removal is a recurring friction point, with some teams discovering orphaned documents only after the fact.
The lack of built-in activity reporting is the most commonly cited operational gap: without last-login data, cost optimization requires manual effort. Public documentation on SSO and MFA configuration is limited, and SCIM is not documented anywhere in Concord's official help center.
Common complaints:
- Limited public documentation on SSO/SCIM configuration details.
- G2 reviewers note that the permissions and workspace model can be confusing for new admins, particularly around document visibility defaults.
- Some users report that removing a user does not prompt for document reassignment, leaving orphaned contracts.
- No built-in reporting on user activity or last login makes it difficult to identify inactive seats for cost optimization.
The decision
Concord's manual user management is workable for small, stable teams where contract ownership is well-defined and admin turnover is low. The two-level permission model (account role + workspace membership) is sufficient for most CLM use cases without requiring custom role configuration.
The model breaks down at scale. Every app that grows beyond a handful of active users will accumulate the same problems: no automated offboarding, no seat utilization visibility, and no guardrails against orphaned contracts. Teams with frequent headcount changes or strict access audit requirements will feel this most acutely.
If your organization uses Okta or Microsoft Entra ID, SAML SSO with JIT provisioning is the closest available automation path-but JIT only creates accounts on first login and does not handle deprovisioning. There is no documented SCIM connector to close that gap.
Bottom line
Concord's user management is invite-based and fully manual, with no SCIM, no automated offboarding, and no built-in seat utilization reporting.
The permission model is straightforward-two levels, three roles, no custom tiers-but every lifecycle action from onboarding to offboarding requires an Account Admin to execute it by hand.
Teams that need audit-ready access controls or want deprovisioning to happen automatically when an employee leaves will need to build a manual process around Concord's current toolset, or rely on SAML SSO with JIT provisioning as a partial mitigation.
Automate Concord workflows without one-off scripts
Stitchflow builds and maintains end-to-end IT automation across your SaaS stack, including apps without APIs. Built for exactly how your company works, with human approvals where they matter.
