Summary and recommendation
Linear user management can be run manually, but complexity usually increases with role models, licensing gates, and offboarding dependencies. This guide gives the exact mechanics and where automation has the biggest impact.
Linear's user management lives under Workspace Settings → Members, reachable at https://linear.app/[workspace-slug]/settings/members. The permission model is role-based with three workspace-level roles - Admin, Member, and Guest - layered on top of team-level membership scoping. There are no custom roles or granular permission sets beyond these built-in options.
SCIM provisioning and SAML SSO are gated to the Enterprise plan at custom pricing. All lower tiers (Free, Basic, Business) rely on manual invite flows or domain-based auto-join configured by an Admin. Every app in your stack that lacks automated provisioning falls back to this same manual loop.
Quick facts
| Admin console path | Workspace Settings → Members (accessible via the workspace name in the sidebar → Settings) |
| Admin console URL | Official docs |
| SCIM available | Yes |
| SCIM tier required | Enterprise |
| SSO prerequisite | Yes |
User types and roles
| Role | Permissions | Cannot do | Plan required | Seat cost | Watch out for |
|---|---|---|---|---|---|
| Admin | Full workspace control: invite/remove members, manage billing, configure SSO/SCIM, manage integrations, create and delete teams, change workspace settings. | All plans | Counts as a full billable seat | Only Admins can configure SAML/SCIM and manage billing. There is no separate 'Billing Admin' role. | |
| Member | Create and edit issues, projects, and cycles within teams they belong to. Can be added to multiple teams. | Cannot manage workspace settings, billing, SSO, or invite members to the workspace (unless granted team-level invite rights). | All plans | Counts as a full billable seat | Members only see teams they have been added to; private teams are not visible unless explicitly invited. |
| Guest | Access limited to specific teams or projects they are explicitly invited to. Can view and comment; edit rights depend on team settings. | Cannot access workspace-wide settings, other teams, or billing. Cannot create new teams. | Business and Enterprise plans | Guests do not consume a full paid seat; pricing details for guest seats are not publicly itemized | Guest access scope is limited to the specific team or project invitation. Guests invited via email must accept the invitation before gaining access. |
| Viewer (read-only) | Can view issues, projects, and cycles within assigned teams. Cannot create or edit content. | Cannot create issues, comment, or modify any workspace content. | Business and Enterprise plans | Viewer role availability and exact seat cost are not fully documented in public-facing docs; verify with Linear sales for Enterprise. |
Permission model
- Model type: role-based
- Description: Linear uses a workspace-level role system (Admin, Member, Guest) combined with team-level membership. Access to content is scoped by team membership. Private teams restrict visibility to explicit members only. There are no custom roles or granular permission sets beyond the built-in roles.
- Custom roles: No
- Custom roles plan: Not documented
- Granularity: Workspace-level roles (Admin/Member/Guest) plus team-level membership scoping. No field-level or object-level permission granularity.
How to add users
- Navigate to Workspace Settings → Members.
- Click 'Invite members'.
- Enter the invitee's email address.
- Select the role to assign (Admin or Member).
- Optionally select which teams to add the user to at invite time.
- Click 'Send invite'. The invitee receives an email invitation and must accept it to join.
Required fields: Email address, Role (Admin or Member)
Watch out for:
- Invited users are not billable until they accept the invitation and log in for the first time.
- On the Free plan, workspace membership is capped; check plan limits before inviting.
- Domain-based auto-join (allowlisting) is available but must be configured by an Admin; users joining via domain allowlist are added as Members by default.
- SCIM-provisioned users are only billable after their first login (as of August 2025 policy).
- Guests can only be invited at the team or project level, not at the workspace invite screen.
| Bulk option | Availability | Notes |
|---|---|---|
| CSV import | No | Not documented |
| Domain whitelisting | Yes | Automatic domain-based user add |
| IdP provisioning | Yes | Enterprise |
How to remove or deactivate users
- Can delete users: No
- Delete/deactivate behavior: Linear does not offer a hard-delete for workspace members. Admins can remove (deactivate) a member from the workspace, which revokes access. The user's historical data (issues created, comments, assignments) is retained and attributed to them. There is no permanent account deletion available to workspace admins.
- Navigate to Workspace Settings → Members.
- Locate the member to remove.
- Click the '...' (more options) menu next to their name.
- Select 'Remove from workspace'.
- Confirm the removal. The user loses access immediately.
| Data impact | Behavior |
|---|---|
| Owned records | Issues, projects, and cycles created by the removed user remain in the workspace and retain the original creator attribution. They are not deleted or reassigned automatically. |
| Shared content | Comments and activity history authored by the removed user remain visible in the workspace. |
| Integrations | Any personal integrations (e.g., GitHub, Slack linked to that user) are disconnected. Workspace-level integrations are unaffected. |
| License freed | The seat is freed immediately upon removal; the billing cycle adjustment depends on the plan (monthly vs. annual). Annual plans may not prorate mid-cycle - verify with Linear billing. |
Watch out for:
- Removing a user does not reassign their open issues; Admins must manually reassign issues before or after removal.
- If the removed user was the sole Admin, another member must be promoted to Admin first to avoid losing admin access.
- SCIM-managed users removed via IdP deprovision are deactivated in Linear automatically, but historical data is retained.
- There is no 'suspend' or 'deactivate without removing' option in the UI - removal is the only way to revoke access manually.
License and seat management
| Seat type | Includes | Cost |
|---|---|---|
| Member seat | Full access to workspace features per plan tier. Applies to Admin and Member roles. | Free: $0 (up to plan limits); Basic: $8/user/month ($6.40/user/month billed annually); Business: $12/user/month ($9.60/user/month billed annually); Enterprise: custom pricing |
| Guest seat | Limited access to specific teams or projects. Available on Business and Enterprise plans. | Not publicly itemized; guests are not counted as full seats but exact guest pricing is not documented publicly |
- Where to check usage: Workspace Settings → Members (shows current member count and roles); Workspace Settings → Billing (shows seat count and current plan usage)
- How to identify unused seats: Linear does not provide a built-in 'last active' or 'last login' report in the admin UI. Admins must manually review member activity or use SCIM/IdP logs to identify inactive users. No native unused-seat report is available.
- Billing notes: Seats are billed per active member. SCIM-provisioned users are not billed until first login (policy as of August 2025). Annual plans are paid upfront; mid-cycle additions are prorated but removals may not generate credits - confirm with Linear billing. Nonprofits receive up to 75% discount. Eligible startups may receive up to 6 months free.
The cost of manual management
Without SCIM, inviting a user requires navigating to Settings → Members, entering an email, selecting a role, and optionally assigning teams - then waiting for the invitee to accept before they appear as active. Removing a user has no suspend or deactivate state; the only option is full removal from the workspace.
Open issues are not automatically reassigned on removal, so Admins must handle cleanup manually before or after offboarding. Linear provides no built-in last-login or seat activity report, meaning identifying inactive members requires manually reviewing the member list or cross-referencing IdP logs.
What IT admins are saying
Recurring friction points reported by admins center on three areas: pricing opacity, access control gaps, and offboarding friction.
Enterprise pricing is not publicly listed, requiring a sales conversation before SCIM or SAML can be evaluated. Guest seat pricing on the Business plan is similarly undocumented, complicating cost forecasting.
The absence of a suspend or deactivate state is a consistent complaint - removal is binary, and there is no way to temporarily revoke access without fully ejecting a user and losing their team assignments.
Common complaints:
- Enterprise pricing is not publicly listed; requires contacting sales for a quote.
- SAML SSO must be configured and enabled before SCIM provisioning can be set up - SCIM cannot be used independently.
- No built-in last-login or seat activity report makes it difficult to identify and reclaim unused seats.
- No 'suspend' or 'deactivate' state for users - the only option to revoke access is full removal from the workspace.
- Removed users' open issues are not automatically reassigned, requiring manual cleanup.
- Guest seat pricing is not transparently documented, making cost forecasting difficult for Business plan customers.
- No custom roles or granular permission sets; the three-role model (Admin/Member/Guest) is considered too coarse for larger organizations.
- Domain allowlisting adds users as Members by default with no option to set a different default role at join time.
- Limited IdP support for SCIM - Google Workspace is not supported for SCIM provisioning.
The decision
Manual management is viable for small teams on Free, Basic, or Business plans where headcount is stable and offboarding volume is low. The invite flow is straightforward, and domain-based auto-join reduces friction for onboarding. Every app in your portfolio that lacks automated provisioning adds to the manual review burden over time.
The calculus shifts when your team grows, turnover increases, or compliance requires auditable provisioning. The lack of a last-login report and the absence of a suspend state create real operational gaps at scale.
SCIM on Enterprise resolves provisioning and deactivation automation but requires SAML SSO as a prerequisite and involves custom pricing negotiation. Teams should confirm SCIM token setup and IdP compatibility - Okta, Entra ID, and OneLogin are documented; Google Workspace is not officially supported - before committing to Enterprise for this use case.
Bottom line
Linear's manual user management is functional for small, stable teams but accumulates operational debt quickly as headcount grows.
Every app in your portfolio that lacks automated provisioning adds to the manual review burden, and Linear's missing suspend state, absent activity reports, and undocumented guest pricing make it harder to maintain a clean, auditable roster without investing in the Enterprise SCIM path.
Automate Linear workflows without one-off scripts
Stitchflow builds and maintains end-to-end IT automation across your SaaS stack, including apps without APIs. Built for exactly how your company works, with human approvals where they matter.
