User Management, CSV Import, and Employee Onboarding

Every security awareness training program is only as effective as the user data behind it. If your employee list is out of date, people who have left are still receiving training invitations, new joiners are not getting enrolled, and your phishing simulation results include people who should not be there. empowsec gives IT teams and HR administrators several ways to keep that employee list accurate: individual user creation, bulk CSV import, API-based provisioning, and SSO auto-provisioning on first login. Whatever your organization's size and workflow, there is a path to maintaining a clean and current user directory.
This article explains how user management works in empowsec - from adding the first user to bulk-importing hundreds from a spreadsheet, organizing them into departments and groups, assigning the right roles with granular permissions, and making sure every new employee gets the onboarding experience they need to get started quickly.
Adding Users: One at a Time or by the Hundreds
For smaller organizations or situations where you need to add a specific person quickly, empowsec supports adding users individually. You provide the name, email address, department, and any other relevant details, and the user is created immediately. They receive a welcome email with instructions to complete their registration, and any onboarding reminders follow automatically.
For larger organizations or during initial setup, adding users one by one is impractical. empowsec supports bulk import from a CSV file, which is the most common format for employee data exports from HR systems and identity directories. You upload the CSV, empowsec maps the columns to the right fields - name, email address, department, and any other supported attributes - and the import creates all the user accounts in a single operation. The column mapping preview lets you verify the mapping looks correct before committing, which helps catch common issues like swapped name columns or mismatched department names before they affect your user data.
Departments and Groups: Organizing Your People
Once users are in empowsec, organizing them effectively is what makes targeted training and accurate reporting possible. empowsec supports two organizational structures: departments and groups.
Departments reflect the formal organizational structure of your company - Finance, Engineering, Marketing, and so on. As covered in the department management article, departments enable scoped analytics for managers, mandatory course assignments that apply to all members, and filtering across phishing simulation results and risk scores. Every user should be placed in a department, because it is the primary organizational unit that drives reporting and targeted assignment.
Groups offer a more flexible overlay. A group can cut across departments to represent a project team, a location, a role category, or any other logical grouping you want to target for a specific training campaign or phishing simulation. Groups give you targeting precision beyond what department-level assignment allows, which is particularly useful in larger organizations where a single department may contain many subsets of people with very different training needs.
Both departments and groups can be targeted when building phishing simulation campaigns and assigning courses, giving administrators fine-grained control over who gets what, and when.
Roles and Permissions: Getting Access Right
empowsec has a granular permission system that lets you define exactly what each person in your organization can see and do. Built-in roles cover common access patterns - end user, department manager, company administrator - and custom roles let you assemble any combination of permissions when the built-in options do not quite fit.
The custom role system is particularly valuable for organizations with complex team structures. A company might want a training content editor who can create and edit training modules but cannot access phishing simulation results or billing. Or a reporting-only role for a compliance officer who needs to pull completion reports but should not be able to modify any settings. Custom roles make these configurations possible without having to grant full admin access to people who only need a subset of capabilities.
Assigning the right roles from the start also reduces the surface area of risk. Least-privilege access is a foundational security principle, and it applies to your security awareness platform just as it does to any other system. When users only have access to what they need, the impact of a compromised account or an honest mistake is contained.
Onboarding: Welcome Emails and Registration Reminders
Adding users to empowsec is only the beginning of the onboarding process. New users need to complete their registration to access the platform - set a password, verify their email address, and configure any required settings. empowsec sends new users a welcome email that guides them through this process, and if a user has not completed registration after a period of time, empowsec sends registration reminder emails to nudge them along.
This automated onboarding flow means that the responsibility for chasing down new users who have not yet registered does not fall entirely on the administrator. empowsec handles the follow-up automatically. For organizations that onboard new employees frequently, this removes a recurring manual task from the IT or HR team's workload and ensures new joiners are not left waiting indefinitely for their first training assignment to become accessible.
The onboarding experience also sets the tone for the employee's relationship with the platform. A clear welcome email that explains what empowsec is for, what they will be asked to do, and how to get started reduces confusion and resistance. Employees who understand why they are receiving training are more likely to engage with it seriously than those who receive a login link with no context.
API and SSO: Automated Provisioning at Scale
For organizations with automated HR workflows or identity management systems, manually importing a CSV whenever employees join or leave is still not the right approach. empowsec addresses this through two automated provisioning paths.
The first is the API. empowsec provides a versioned REST API that supports bulk user import, so you can build a direct integration between your HR system and empowsec. When a new employee is added to your HR system, your integration can immediately provision them in empowsec, assign them to the right department and group, and trigger the onboarding email flow. When an employee leaves, the integration can deactivate their account. This keeps your empowsec user directory in continuous sync with your source of truth without any manual steps.
The second path is SSO auto-provisioning. When SSO is configured for your empowsec domain, users who sign in via SSO for the first time are automatically provisioned in empowsec. Their account is created on the spot, populated with the attributes from the SSO identity provider, and they are placed in the right department based on attribute mapping. This is particularly useful in organizations where SSO is the standard sign-in method, because it means empowsec user provisioning happens as a natural side effect of the employee's first login - with no manual step required.
What This Means for Your Team
- Individual user creation and CSV bulk import give you the flexibility to add employees one at a time or in large batches, with a column mapping preview to catch import errors before they affect your data.
- Departments and groups provide the organizational structure that makes targeted phishing simulations, course assignments, and scoped reporting possible.
- Granular permission system and custom roles let you give each person exactly the access they need - no more, no less - without falling back to full admin access for everyone.
- Automated onboarding via welcome emails and registration reminders ensures new users are not left stranded waiting to complete setup.
- API bulk import and SSO auto-provisioning enable continuous, automated synchronization between your HR system or identity provider and empowsec, eliminating recurring manual effort.


