# Administration Overview {% hint style="info" %} **Who is this for?** Engineering Managers, IT Administrators, and VPs of Engineering configuring team access, authentication, and enterprise security controls. {% endhint %} This section covers everything a ContextQA workspace administrator needs to configure and maintain the platform: user management, authentication, storage, backups, and system auditing. *** ## In This Section | Page | What you'll learn | | ------------------------------------------------------------------------------------------ | --------------------------------------------------------- | | [Roles & Permissions](https://learning.contextqa.com/administration/roles-and-permissions) | User roles, permission scopes, and access control | | [Team Management](https://learning.contextqa.com/administration/team-management) | Inviting users, managing seats, and organization settings | *** ## Settings Navigation All administration settings are accessible under the **Settings** menu: | Setting | Route | Purpose | | --------------------- | --------------------------------- | ------------------------------------------------ | | User Management | `/settings/user-managemant` | Invite users, assign roles, deactivate accounts | | Organization Settings | `/settings/organization_setting` | Org name, logo, default preferences | | SSO / Authentication | `/settings/auth` | SAML 2.0 and OAuth SSO configuration | | Storage | `/settings/storage` | File and artifact storage configuration | | Backups | `/settings/backups` | Backup schedules and restore points | | System Audit Logs | `/settings/system-audits` | Platform-wide activity audit trail | | Provisioning Profiles | `/settings/provisioning_profiles` | iOS code signing certificates for mobile testing | *** ## Key Administrative Tasks ### Inviting a new user 1. Go to **Settings → User Management**. 2. Click **+ Invite User**. 3. Enter the user's email address and select their role. 4. Click **Send Invitation**. The user receives an email with an activation link. They must activate within 7 days before the invitation expires. ### Configuring SSO ContextQA supports SAML 2.0 for enterprise SSO with providers such as Okta, Azure Active Directory, and Google Workspace. 1. Go to **Settings → Authentication**. 2. Enter your IdP metadata URL or upload the XML metadata file. 3. Configure attribute mappings (email, first name, last name). 4. Enable SSO and test with a single user before rolling out to the team. See your IdP documentation for the ContextQA entity ID and ACS URL needed to complete the IdP-side configuration. ### Reviewing audit logs The system audit log records all significant platform events: user logins, permission changes, test case creation/deletion, integration configuration changes, and API key generation. 1. Go to **Settings → System Audits**. 2. Filter by user, event type, or date range. 3. Export to CSV for compliance reporting. *** ## Related Pages * [Team Management](https://learning.contextqa.com/administration/team-management) * [Roles & Permissions](https://learning.contextqa.com/administration/roles-and-permissions) * [Integrations Overview](https://learning.contextqa.com/integrations/integrations) {% hint style="info" %} **Enterprise-ready: SSO, RBAC, and centralized access management.** [**Book an Enterprise Demo →**](https://contextqa.com/book-a-demo/) — Get a walkthrough of enterprise controls, SSO setup, and compliance features for your organization. {% endhint %}