Note
For the previous version of User Profiles, see User profiles.
For the previous version of User Profiles, see User profiles.
- View user information
- Add users
- Resend an invitation
- Edit a user’s information
- Enable and disable users
- Manage multi-factor authentication
- Enable single sign-on authentication
Viewing user information
To view user information, go to Control center > User profiles.
To view additional information, including permissions and access levels, select the user row to display the User profile popup window. For more information on user permissions, see Permissions.
Filtering by column
To filter rows by column, enter the sequence of letters you want to filter on in the text box at the top of the column. As you type, the matching rows are filtered dynamically.Adding users
To add a user:1
In the upper-right corner of the dashboard, select Add user.
2
In User details, enter the user’s first and last name and email.

3
For Multi-factor authentication, choose Authentication via SMS or Authentication via Google authentication. For more information, see Managing multi-factor authentication.
4
Select the user’s organization and the programs the user can access.
5
To assign permissions, either assign an access level for each permission or use bulk assign:
- For each permission, select an access level. Access levels that are not available for a permission are grayed.
-
For bulk assign, select Bulk assign and then select the access level for all permissions— No access, View only, or View and edit.

6
Select Add user. The user receives an email invitation to join.
Note
By default, access to personally identifiable information (PII) is denied. Users should be granted the lowest level of access required to fulfill their job responsibilities. Access can only be granted with accordance to your company and the issuing bank’s privacy and information security policies. If a user needs access to PII, contact your Marqeta representative.
By default, access to personally identifiable information (PII) is denied. Users should be granted the lowest level of access required to fulfill their job responsibilities. Access can only be granted with accordance to your company and the issuing bank’s privacy and information security policies. If a user needs access to PII, contact your Marqeta representative.
Permissions
The following table shows the Marqeta Dashboard permissions and available access levels for each. For details on the specific access that each permission provides, see Access level details.Access level details
The following table shows the specific access in the dashboard granted for each permission and access level:Resending an invitation
To resend an invitation:1
Go to Control center > User profiles, and select the row for the user.
2
In the User profile pane, select Resend Invite.
Editing user information
To edit a user’s information:1
Go to Control center > User profiles, and select the row for the user.
2
At the bottom of the User profile pane, select Edit user.
-
Update any of the user’s basic information, or add and remove programs, permissions, or access levels as necessary. For more information, see Permissions.

3
Select Save.
Enabling and disabling users
To enable or disable a user:1
Go to Control center > User profiles, and select the row for the user.
2
At the bottom of the User profile pane, select Edit user.
3
For the Status, select Active or Inactive.
4
Select Save.
Managing multi-factor authentication
Multi-factor authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access. Marqeta Dashboard requires users to have MFA enabled via SMS or Google’s Time-based One Time Password (TOTP) authenticator. To reset or manage a user’s MFA options, you must have the View and Edit access level for the User Profiles privilege.Resetting multi-factor authentication
You should reset the user’s MFA when a user:- Changes their phone number and needs to authenticate using a new phone number using SMS.
- Changes their mobile device and needs to authenticate using a new device with Google authenticator.
- Deletes their Google authenticator code and needs to rescan the QR code using the same device.
1
Go to Control Center > User Profiles.
2
From the list of users, select the user’s row.
3
At the bottom of the User Profile pane, select Edit user to open the User profile panel.

4
In the Multi-factor authentication section, select either Authentication via Google authentication or Authentication via SMS.
5
Select Save.
Switching a user’s MFA option
A user’s MFA option can be switched between SMS and Google Authenticator. Switch a user’s MFA option when the user:- Is not receiving SMS messages and would like to switch to Google Authenticator.
- Is an international user who doesn’t use a US phone number and has trouble receiving SMS.
- Would like to switch from SMS to Google Authenticator or switch from Google Authenticator to SMS.
1
Go to Control center > User Profiles.
2
From the list of users, select the user’s row.
3
At the bottom of the User Profile pane, select Edit User.
4
In the Multi-factor authentication section, select either Authentication via Google authentication or Authentication via SMS.
5
Select Save.
Accessing the Dashboard using MFA
Note
This section describes how users can access the Marqeta Dashboard using multi-factor authentication.
This section describes how users can access the Marqeta Dashboard using multi-factor authentication.
Resetting your MFA access
In some cases, your MFA access may need to be reset—for example, if your device has been lost or stolen. In that case, contact your system administrator to reset your MFA access.Resetting MFA for SMS
If you have SMS MFA enabled and have requested a reset:1
When you attempt to sign into the dashboard, you are prompted to enter a new phone number.

2
Enter your phone number and select SEND VERIFICATION TEXT MESSAGE.
Resetting MFA for Google Authenticator
If you have Google Authenticator MFA enabled and have requested a reset:1
When you attempt to sign into the dashboard, a QR code is displayed.

2
Scan the QR code and select Continue.
Switching your multi-factor authentication option
If you want to switch your MFA option, send a request to your system administrator. You will be prompted to register using either the SMS or Google Authenticator procedure described above.Enabling single sign-on authentication
Single sign-on (SSO) is an authentication method that allows users to log in to multiple applications with one set of credentials. SSO reduces security overhead for system administrators by allowing users to delegate authentication to their external Security Assertion Markup Language 2.0 (SAML 2.0) Identity Provider (IdP) and eliminating the need for users to maintain a separate password to log in to Marqeta Dashboard. When you enable SSO, SSO becomes the exclusive method for your users to log in to Marqeta Dashboard. SSO implementation is based on email domain, so after your email domain is onboarded to SSO, your new and existing users will be automatically provisioned for SSO. You will follow the existing process to add a user in Marqeta Dashboard. Your users will then access Marqeta Dashboard using SSO. If you are a system administrator and prefer your users use SSO, contact your Marqeta representative. Note that email aliases are not valid for SSO with Marqeta Dashboard. Users who use email aliases to access Marqeta Dashboard will lose access after SSO is enabled, so consult with your Marqeta representative if your organization includes such users.Setting up single sign-on authentication
To set up SAML 2.0 authentication in Marqeta Dashboard:1
Share the service provider with your Marqeta representative.Marqeta will provide you with two URLs, one for SSO and another for audience restriction.
2
Add the URLs to your IdP system, which will generate an IdP metadata URL.
3
Share the IdP metadata URL with your Marqeta representative.Marqeta will update the service provider record with the IdP metadata URL.
Accessing the Dashboard using SSO
This section describes how users can access the Marqeta Dashboard using single sign-on (SSO) authentication.Note
The Marqeta Dashboard does not currently support IdP-initiated login flows. Marqeta Dashboard users who log in with SSO methods cannot use the application link on their IdP dashboard to log in.
The Marqeta Dashboard does not currently support IdP-initiated login flows. Marqeta Dashboard users who log in with SSO methods cannot use the application link on their IdP dashboard to log in.