Skip to main content

Documentation Index

Fetch the complete documentation index at: https://radarhq.io/docs/llms.txt

Use this file to discover all available pages before exploring further.

There are two ways someone joins an org: an explicit invitation to their email, or domain auto-join when their email domain matches one your org has allowed.

Inviting a member

Settings → Organization → Members → Invite member. Radar emails the invitee a sign-in link. The invitation is one-time-use, the email match is enforced (you can’t sign in as a different address than the one invited), and it expires after 7 days. If your transactional-email provider is throttling, the invite still works: the Members page shows a “Copy URL” button next to each pending invite so you can share it via Slack / etc.

Pending invites

Pending invites show in Members → Pending. From there owners can:
  • Resend - re-send the invitation email.
  • Copy URL - get the acceptance URL.
  • Revoke - cancel before acceptance.

Removing a member

Owner-only. Members → Active → ⋯ → Remove. The user retains their account and any other org memberships - you’re only revoking this org’s membership. Their PATs scoped to this org are revoked immediately.

Changing a role

Owner-only. Members → Active → ⋯ → Change role. Changes apply on the user’s next request (no forced sign-out).

Domain auto-join

If your team all uses the same email domain, add it to Settings → Organization → Allowed domains to skip the invite flow entirely. New users who sign in with that email domain join automatically with the Default invite role you configured. 
Allowed domains:    acme.com, eng.acme.com
Default role:       member
Free-mail providers (gmail.com, outlook.com, proton.me, etc.) are blocklisted - you can’t auto-join shared domains. Auto-join records an org.member.joined event in the audit log with provisioned_by=domain_auto_join so you can tell auto-joins from explicit invites.

Owners still need explicit promotion

Auto-joined users always get the default invite role (typically member). The system never promotes anyone to owner via auto-join - that always requires explicit role assignment.

Invitation flow under SSO

When the org has an SSO connection configured, invitations and domain auto-join still work - they’re additive. A user invited by email but who arrives via SSO will be matched on their verified email, and the invitation will resolve. For pure SSO orgs that want only SSO sign-ins (no email magic-link), restrict the IdP side to your domain - or set up domain auto-join with the IdP’s verified email and skip the invitation flow.

See also