Mixpanel User Management Guide

• Model type: role-based
• Description: Mixpanel uses a two-tier role-based model: organization-level roles (Owner, Admin, Member) and project-level roles (Owner, Admin, Analyst, Consumer). A user's effective access is the combination of their org role and any project-specific role assignments. There are no custom roles; permissions are fixed per role.
• Custom roles: No
• Custom roles plan: Not documented
• Granularity: Role-level only. Permissions are predefined per role at both org and project scope. No field-level or report-level permission granularity beyond role boundaries.

1. Log in as an Org Owner or Org Admin.
2. Navigate to the Organization Settings page (mixpanel.com/settings/org).
3. Click 'Users & Teams' in the left sidebar.
4. Click 'Invite Users'.
5. Enter the invitee's email address.
6. Select the organization-level role (Admin or Member).
7. Optionally, select one or more projects to add the user to and assign a project-level role for each.
8. Click 'Send Invite'. The invitee receives an email and must accept to gain access.
9. For project-only invites: navigate to Project Settings → Access, click 'Add Users', enter email, select role, and save.

Required fields: Email address, Organization role (Admin or Member), Project role (if adding to a project)

Watch out for:

• Invitees must accept the email invitation before they appear as active users; pending invites are shown separately.
• If SSO with IDP Managed Access is enabled on Enterprise, users should be provisioned via the IDP rather than manual invite to avoid sync conflicts.
• Adding a user at the org level does not automatically grant them access to any project; project access must be assigned explicitly.
• Users invited to a project who do not yet have an org-level account will be created as Org Members automatically.

• Can delete users: Yes
• Delete/deactivate behavior: Mixpanel allows removing (deleting) users from the organization or from individual projects. Removing a user from the org revokes all access across all projects. There is no 'deactivate' state distinct from removal; the user is simply removed. If SCIM/IDP Managed Access is enabled, deprovisioning in the IDP removes the user from Mixpanel automatically.

1. Log in as an Org Owner or Org Admin.
2. Navigate to Organization Settings → Users & Teams (mixpanel.com/settings/org/users).
3. Locate the user in the member list.
4. Click the three-dot (⋯) menu next to the user's name.
5. Select 'Remove from Organization'.
6. Confirm the removal in the dialog. The user loses all org and project access immediately.
7. To remove from a single project only: go to Project Settings → Access, find the user, click the three-dot menu, and select 'Remove from Project'.

Watch out for:

• Removing a user does not delete their historical activity or the data they sent to Mixpanel.
• If the user was the sole Project Owner, the project will have no owner until an Org Admin reassigns the role.
• With IDP Managed Access enabled, removing a user in Mixpanel manually may be overridden at next IDP sync if the IDP account is still active; deprovision in the IDP first.
• Personal API tokens created by the removed user will stop working; any automations using those tokens must be updated.

• Where to check usage: Organization Settings → Plan & Billing (mixpanel.com/settings/org/billing) shows current event consumption and plan details.
• How to identify unused seats: Navigate to Organization Settings → Users & Teams to view all org members and their last-seen activity. There is no built-in 'inactive user' report; admins must manually review the user list or use the Mixpanel API to query user activity.
• Billing notes: Mixpanel bills on event volume, not per user seat. Adding or removing users has no direct impact on the monthly bill. Annual prepay discounts of 10–15% are available. Nonprofit and startup discounts of 50–90% off are available through Mixpanel's programs. Enterprise pricing is negotiated annually.

Mixpanel bills on event volume, not per user seat, so adding or removing users has no direct impact on the monthly bill. However, the administrative overhead of manual provisioning scales with headcount, not with event volume.

There is no bulk CSV import for users and no domain-based auto-join. Large organizations on Free or Growth plans must invite users one at a time. Identifying inactive users requires manually reviewing the Users & Teams list or querying the API, since there is no built-in inactive-user report.

The most consistent friction point reported by Mixpanel admins is that SCIM is gated behind Enterprise, leaving Growth-plan teams without any automated user lifecycle tooling.

A related complaint is IDP sync drift: users deprovisioned in the IDP can retain active Mixpanel access until an admin manually removes them, if IDP Managed Access is not enabled.

The fixed role set is frequently cited as too coarse. Organizations that need granular, report-level or data-view-level permissions have no path to that without upgrading to Enterprise and using Data Views.

Org Admins silently self-adding to any project is a recurring surprise for project owners who expect project-level isolation.

Common complaints:

• SCIM provisioning is restricted to Enterprise plan only, leaving Growth plan customers without automated user lifecycle management.
• Without IDP Managed Access enabled, Mixpanel and the IDP can fall out of sync-users deprovisioned in the IDP may retain Mixpanel access until manually removed.
• No custom roles available; the fixed role set (Owner, Admin, Analyst, Consumer) is considered too coarse for organizations needing granular permissions.
• No CSV bulk-import for users; large organizations must invite users one at a time or rely on SCIM (Enterprise only).
• No domain-based auto-join or domain whitelisting to automatically add users from a verified domain.
• Org Admins can silently add themselves to any project, which surprises project owners who expect project-level isolation.
• No native inactive-user report; identifying unused accounts requires manual review or API scripting.
• Personal API token invalidation on user removal can silently break integrations if not proactively managed.

Stay on manual administration if your team is small, your plan is Free or Growth, and user turnover is low. The invite flow is straightforward, and since Mixpanel does not charge per seat, there is no billing penalty for delayed offboarding - only a security exposure.

Move to SCIM if you are on Enterprise, have SSO configured, and need reliable, auditable offboarding. IDP Managed Access is the recommended configuration: it makes the IDP the authoritative source and prevents the sync-drift problem.

Note that project-level role assignments are not fully controlled via SCIM and must be managed separately or via IDP group-to-role mappings.

Bottom line

Mixpanel's manual user management is functional for small teams but does not scale without Enterprise-tier SCIM. The two-tier role model is straightforward to understand but inflexible - every app decision around access control will hit the ceiling of the fixed role set.

The most important operational risk is IDP sync drift on non-Enterprise plans: without automated deprovisioning, offboarded employees can retain access indefinitely unless an admin catches it manually.