Microsoft Clarity User Management

Microsoft Clarity projects support team collaboration with simple, role-based access control. Use this guide to manage who can view, edit, and administer your Clarity projects.

How Clarity Structures Access

Unlike enterprise analytics platforms with complex permission hierarchies, Clarity keeps it simple:

• Project-level access – Users are invited to specific projects, not organization-wide
• Two permission levels – Admin or Member (view-only coming soon)
• Microsoft account required – All users need a Microsoft account (free) to access Clarity

Access Model Overview

Projects are isolated:

• Each website gets its own Clarity project
• Users invited to Project A can't see Project B unless also invited
• No organization-level accounts or billing entities

Permissions are simple:

• Admin – Full control: view data, edit settings, manage users, delete project
• Member – View data and recordings, cannot change settings or manage users

When to Use Multiple Projects

Create separate Clarity projects for:

• Different websites or apps
• Different environments (production vs staging)
• Different brands or business units
• Client projects (agencies managing multiple clients)

Example: E-commerce company with 3 brands

Each team sees only their brand's data, but shared teams (UX, Analysts) are invited to all projects.

Access Requests at a Glance

• Add User Access – Invite team members to a project
• Update Access – Change user permissions or transfer ownership
• Remove Access – Revoke user access when they leave

Add, Update, Remove At a Glance

Add User Access

When to do this:

• New team member joins
• External collaborator (agency, consultant) needs access
• Stakeholder wants to view recordings

What you need:

• User's Microsoft account email
• Permission level to grant (Admin or Member)

Process:

1. Go to project Settings > Users
2. Click Add user
3. Enter email address
4. Select permission level
5. Send invitation

See Add User Access for detailed instructions.

Update Access

When to do this:

• Promote a member to admin
• Transfer project ownership
• Change user's email address

Process:

1. Go to Settings > Users
2. Find user in list
3. Click Edit or role dropdown
4. Update permission level
5. Save changes

See Update Access for detailed instructions.

Remove Access

When to do this:

• Team member leaves the company
• Contract with consultant ends
• Access granted by mistake

Process:

1. Go to Settings > Users
2. Find user in list
3. Click Remove or trash icon
4. Confirm removal

See Remove Access for detailed instructions.

Permission Levels Explained

Admin

Can do:

• View all session recordings and heatmaps
• Access all reports and insights
• Edit project settings (name, URL, privacy settings)
• Manage users (add, remove, change permissions)
• Integrate with Google Analytics
• Delete the project (irreversible)

Use admin for:

• Project owners
• Technical leads
• Trusted team members responsible for configuration

Member

Can do:

• View all session recordings and heatmaps
• Access all reports and insights
• Filter and analyze data
• Share session URLs with teammates

Cannot do:

• Edit project settings
• Manage users
• Change integrations
• Delete project

Use member for:

• Analysts and marketers who need read-only access
• Stakeholders reviewing data
• External collaborators who shouldn't change settings

Owner (Special Admin Role)

The user who creates a project is the Owner. Owners are admins with one additional power:

• Transfer ownership to another user

Only one owner per project. Ownership can be transferred to another admin.

Collaboration Best Practices

Define Roles Clearly

Document who should have access and why:

Use Descriptive Project Names

Instead of "Project 1" or "Website," use names that clarify ownership:

Good:

• "Marketing Website - Production"
• "E-commerce Checkout - Staging"
• "Client ABC - Homepage Redesign"

Bad:

• "New Project"
• "Test"
• "Untitled"

Audit Access Quarterly

Every 3-6 months:

1. Review Settings > Users
2. Remove users who no longer need access
3. Verify permission levels are still appropriate
4. Update documentation

Protect Admin Access

Do:

• Grant admin only when necessary
• Use member access for stakeholders who just view data
• Document who has admin access and why

Don't:

• Give everyone admin by default
• Leave admin access for departed team members
• Share login credentials (each person should have their own Microsoft account)

Sharing Sessions Without Granting Access

You don't need to invite users to share individual session recordings.

Session URL Sharing

Each session has a unique URL that can be shared:

1. Open a session recording
2. Copy the URL from the browser address bar
3. Share with anyone via email, Slack, etc.

Recipient can:

• Watch that specific session recording
• See session metadata (device, location, duration)

Recipient cannot:

• Access other sessions
• Browse the full Clarity project
• Change settings

Use this for:

• Showing specific issues to developers
• Sharing examples with designers
• Providing evidence to product managers
• One-off collaboration without ongoing access

Privacy Considerations

Session URLs are not password-protected. Anyone with the link can view the session.

Best practices:

• Only share session URLs via secure channels (work email, Slack, Teams)
• Don't post session URLs publicly (GitHub issues, public forums)
• Be aware of what's visible in recordings (sensitive data, customer behavior)
• Use Clarity's masking features to hide sensitive information before sharing

Multi-Project Management

If you manage multiple Clarity projects (e.g., agency managing clients), consider:

Naming Convention

Use a consistent scheme:

• [Client Name] - [Property] - [Environment]
• Examples:
  • "Acme Corp - Main Site - Production"
  • "Acme Corp - Checkout - Staging"
  • "Beta Inc - Marketing Site - Production"

Access Isolation

Keep client data separate:

• Each client gets their own project
• Client users only added to their project
• Agency team added to all client projects
• Document access in a shared spreadsheet or wiki

Billing & Ownership

Clarity is free, so no billing complexity. But consider:

Who should be the owner?

• Agency owns: Agency retains control, easier to manage
• Client owns: Client owns their data, agency invited as admin

Recommendation: Client owns, agency is admin. This ensures data ownership stays with the client if the relationship ends.

Access Management Checklist

When managing a Clarity project, maintain:

Documentation

User Access Log:

Access Change Log:

Review Schedule

Monthly:

• Check for inactive users (haven't logged in recently)
• Confirm recent access grants are still appropriate

Quarterly:

• Full audit of all users
• Remove unnecessary access
• Update documentation

On Employee Departure:

• Immediately remove access
• Document removal
• Transfer ownership if they were the owner

Security & Compliance

Microsoft Account Security

Since Clarity requires Microsoft accounts:

Encourage team to:

• Enable two-factor authentication (2FA) on Microsoft accounts
• Use strong, unique passwords
• Keep accounts up to date

Data Privacy

Clarity project access means:

• Users can see all session recordings (including user behavior, pages visited, errors)
• Some recordings may contain sensitive information despite masking
• Access should be limited to those with legitimate need

Compliance considerations:

• GDPR: Access to user data should be logged and auditable
• Internal policies: Follow your company's data access policies
• Contractual: If using Clarity for client work, check contracts for data access restrictions

Audit Trails

Clarity does not currently provide detailed audit logs of who viewed which sessions.

Workaround:

• Maintain your own access log (spreadsheet or wiki)
• Document when and why access is granted
• Periodically review and remove unnecessary access

Troubleshooting Access Issues

User Didn't Receive Invitation Email

Possible causes:

• Email went to spam folder
• Wrong email address entered
• User's email server blocked the invitation

Solutions:

• Ask user to check spam/junk folder
• Verify email address is correct (check for typos)
• Resend invitation from Settings > Users
• Use a different email address for the user

User Can't Access Project After Accepting Invitation

Possible causes:

• User signed in with different Microsoft account than invited email
• Browser cache/cookies issue

Solutions:

• Ensure user signs in with the exact email address that was invited
• Try incognito/private browsing mode
• Clear browser cache and cookies
• Sign out and sign back in

User Needs Different Permission Level

See Update Access to change permission levels.

Multiple Users Sharing One Microsoft Account (Don't Do This)

Problem: Team tries to share one login to save time

Why this is bad:

• Can't track who did what
• Security risk (password shared among team)
• Violates Microsoft ToS

Solution: Each person should have their own Microsoft account (free to create).

Summary

Microsoft Clarity user management is intentionally simple:

• Project-level access – Invite users to specific projects
• Two permission levels – Admin (full control) or Member (view-only)
• Easy management – Add, update, remove via Settings > Users

Best practices:

• Grant minimum necessary permissions
• Audit access quarterly
• Document who has access and why
• Use session URL sharing for one-off collaboration
• Protect admin access

For detailed workflows:

• Add User Access
• Update Access
• Remove Access

Additional Resources:

• Clarity User Roles Documentation
• Microsoft Account Security