Summary and recommendation
Whatfix user management can be run manually, but complexity usually increases with role models, licensing gates, and offboarding dependencies. This guide gives the exact mechanics and where automation has the biggest impact.
Whatfix is a digital adoption platform with enterprise-only pricing and no publicly documented SCIM support.
User management is handled through the Whatfix admin console, with SAML 2.0 SSO available as an authentication layer.
Because Whatfix gates its help center behind login, the exact steps for adding, deactivating, or deleting users could not be independently verified from public sources.
Quick facts
| Admin console path | Administration / Settings > Users or Team (exact labels vary by product module) |
| SCIM available | No |
| SCIM tier required | N/A |
| SSO prerequisite | No |
User types and roles
| Role | Permissions | Cannot do | Plan required | Seat cost | Watch out for |
|---|---|---|---|---|---|
| Administrator | Can manage account settings, content access, integrations, and user administration. | Cannot assign capabilities outside the licensed Whatfix modules in the tenant. | Public docs do not fully enumerate all built-in role variants. | ||
| Editor / Standard User | Can access and work with the Whatfix content or analytics features exposed to their role. | May not be able to change billing, SSO, or broader tenant administration settings. | Permissions vary by product area and tenant configuration. |
Permission model
- Model type: role-based
- Description: Whatfix appears to use role-based access for tenant administration and product access, but the detailed permission matrix is not publicly documented in full.
- Custom roles: Unknown
- Custom roles plan: Not documented
- Granularity: Expect administrative access to be separated from content authoring or standard user access, with tenant-specific differences.
How to add users
- Log in to Whatfix as an administrator.
- Open the administration or settings area and navigate to users or team management.
- Choose the add or invite user action.
- Enter the user's work email and assign the appropriate role.
- Save the user and complete any SSO or activation steps required by the tenant.
Required fields: Work email address, Role
Watch out for:
- Exact menu names differ between Whatfix product modules and tenant versions.
- If SSO is enabled, the user may still need an upstream IdP assignment.
| Bulk option | Availability | Notes |
|---|---|---|
| CSV import | Unknown | Not documented |
| Domain whitelisting | Unknown | Automatic domain-based user add |
| IdP provisioning | Unknown | Not documented |
How to remove or deactivate users
- Can delete users: Unknown
- Delete/deactivate behavior: Public docs do not clearly document whether Whatfix users are disabled, deleted, or both. Treat lifecycle behavior as tenant-specific unless confirmed in-product.
- Open Whatfix user management as an administrator.
- Locate the user to offboard.
- Deactivate, revoke, or remove the account using the controls available in that tenant.
- Review any content ownership, integrations, or automation associated with that user.
| Data impact | Behavior |
|---|---|
| Owned records | Content, analytics, and configuration remain tenant assets; public docs do not describe user-owned content semantics in detail. |
| Shared content | Shared flows, content, and dashboards remain available to the tenant unless separately removed. |
| Integrations | Review tokens, editor ownership, and integrations separately during admin offboarding. |
| License freed | Seat reuse behavior is contract-dependent and not publicly documented in detail. |
Watch out for:
- Offboarding should include reassignment of authored content or automation where applicable.
License and seat management
| Seat type | Includes | Cost |
|---|---|---|
| Named tenant user | Administrative or standard access to the Whatfix tenant. |
- Where to check usage: Administration / Settings > Users or Team
- How to identify unused seats: Review the tenant roster and any visible last-login or activity information. No public unused-seat report was verified.
- Billing notes: Whatfix uses contract pricing. Public seat costs and self-serve licensing details are not documented.
The cost of manual management
Without SCIM or a public provisioning API, every app in your stack that relies on Whatfix access requires manual admin intervention for onboarding and offboarding. There is no documented way to bulk-provision or bulk-deprovision users programmatically.
This creates compounding overhead as your user base or role structure grows, particularly during org changes or employee departures where timing matters.
The decision
If your team manages access across every app through an IdP like Okta or Azure AD, Whatfix's SAML SSO integration provides session-level access control but does not replace a provisioning workflow. Deprovisioning a user from your IdP will block future logins but may not clean up the Whatfix user record or reclaim a seat.
Buyers should confirm deactivation and deletion behavior, seat reclamation policy, and any JIT provisioning support directly with Whatfix before signing.
Bottom line
Whatfix requires fully manual user lifecycle management with no SCIM, no public REST API for provisioning, and help documentation that is inaccessible without an existing account. SAML SSO is available but covers authentication only - not provisioning or deprovisioning.
Teams with strict access governance requirements should pressure-test offboarding workflows and seat reclamation behavior during the sales process, as none of this is publicly verifiable.
Automate Whatfix workflows without one-off scripts
Stitchflow builds and maintains end-to-end IT automation across your SaaS stack, including apps without APIs. Built for exactly how your company works, with human approvals where they matter.
