Users & Seats
Auto-Provisioning
When a user logs in for the first time, Broch automatically creates a user record. There is no approval workflow — provisioning is immediate on first successful SSO login, as long as a valid license is active.
The user record is populated from claims in the OIDC token:
| Field | Source claim (first match wins) |
|---|---|
| Email | email, preferred_username (if email-like), upn, sub (if email-like) |
| Display name | name, given_name + family_name, email prefix |
Email and display name are stored with the seat record so admins can search for users by name or email, and identify whose seat to revoke or delete. If the email cannot be determined from the token, provisioning still succeeds using the subject claim as the identity key.
Auth0 note: Auth0 access tokens do not include email, name, or role claims by default. A Post-Login Action is required to add them — see the Auth0 identity provider guide.
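The claim precedence in the table above, written out as an added example (not Broch's own code): it resolves email and display name in the documented order and falls back to the `sub` claim as identity key when no email can be found. The "email-like" regex and the handling of a lone `given_name` or `family_name` are assumptions; the page does not specify them.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Loose "looks like an email" check. The page only says "if email-like",
# so this exact pattern is an assumption, not Broch's rule.
_EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")


def is_email_like(value: Optional[str]) -> bool:
    return bool(value) and _EMAIL_RE.match(value) is not None


@dataclass
class ProvisionedUser:
    identity_key: str            # key the seat record is stored under
    email: Optional[str]         # None if no claim yielded an email
    display_name: Optional[str]  # None if no claim yielded a name


def resolve_email(claims: dict) -> Optional[str]:
    """First match wins: email, preferred_username (if email-like), upn, sub (if email-like)."""
    if claims.get("email"):
        return claims["email"]
    if is_email_like(claims.get("preferred_username")):
        return claims["preferred_username"]
    if claims.get("upn"):
        return claims["upn"]
    if is_email_like(claims.get("sub")):
        return claims["sub"]
    return None


def resolve_display_name(claims: dict, email: Optional[str]) -> Optional[str]:
    """First match wins: name, given_name + family_name, email prefix."""
    if claims.get("name"):
        return claims["name"]
    # Assumption: if only one of given_name/family_name is present, use it alone.
    parts = [claims.get("given_name"), claims.get("family_name")]
    if any(parts):
        return " ".join(p for p in parts if p)
    if email:
        return email.split("@", 1)[0]
    return None


def provision(claims: dict) -> ProvisionedUser:
    """Build the user record from OIDC claims; sub is the identity key when no email is found."""
    if not claims.get("sub"):
        raise ValueError("OIDC token must carry a sub claim")
    email = resolve_email(claims)
    return ProvisionedUser(
        identity_key=email or claims["sub"],
        email=email,
        display_name=resolve_display_name(claims, email),
    )
```

With an Auth0 token that lacks the email and name claims described in the note above, `provision` yields a record keyed only on `sub` with no email or display name, which is why admins then cannot search for that user by name or email.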
A seat grants a user access to a Broch feature:
- Share seat — the user can expose local services via inbound tunnels
- Access seat — the user can connect to remote services via outbound tunnels
Seats are initially unassigned (null). On first use of a feature, a seat is auto-assigned if the license has capacity. If the license is at capacity, the user must be granted a seat manually by an admin.
Managing Seats
In the admin dashboard, navigate to Users. You can:
- Search and filter users by email or display name
- Grant or revoke Share and Access seats individually
- Delete a user record entirely
- Anonymize a user (hashes PII while preserving the audit trail — use for GDPR deletion requests)
Terms of Service
If Terms of Service are enabled in Settings, users must accept the current terms before they can use any feature. Acceptance is tracked per terms version — updating the terms content automatically generates a new version and requires re-acceptance from all users.