⚠️ Select your experience
The steps to manage guest administrators depend on your interface version. Select a link to skip to the instructions for your version.
Customers who joined Drata on or after Feb 24, 2026 are automatically on the New Experience.
Instructions for the New Experience ⬇️
When to use guest administrators
Invite a guest administrator if you work with a:
Managed Security Service Provider (MSSP)
Virtual CISO (vCISO)
Centralized security/compliance team supporting your workspace
Prerequisites
Only users with the Admin role can invite or remove guest administrators.
Guest administrators have full access to the Drata application, equivalent to an Admin.
For security reasons, you can invite guest administrators only from approved email domains.
Personal email addresses aren't supported for guest administrator invitations.
To approve a new email domain, contact the Drata Customer Success Team.
When access becomes active
After you send an invitation, the guest administrator may not have access immediately. Invitations are processed during a scheduled data sync, and access can take up to 1 hour after the invite is accepted.
Invite a guest administrator
Go to Settings → Organization → Role administration page.
Select the Guest tab, then select the Invite guest button.
Enter the guest administrator's work email address.
Select Invite.
Confirm the invitation when prompted.
What happens next
The guest administrator receives an email invitation.
They must accept the invitation to complete setup.
Until they accept, their status appears as Pending.
Access may take up to 1 hour after acceptance due to scheduled syncing.
Remove a guest administrator
Go to Settings → Organization → Role administration.
Select the Guest tab.
Locate the guest administrator in the table.
Select the ellipsis (⋯), then select Remove access.
Confirm removal when prompted.
Result: The guest administrator is removed and no longer has access to your organization.
Instructions for the Classic Experience ⬇️
You can invite a guest administrator to manage your Drata account if you work with a Managed Security Service Provider (MSSP), a virtual CISO, or operate as a self-managed business unit with a centralized security and compliance team that requires access.
Prerequisites
Only users with a Drata Admin role can invite guest administrators.
Guest administrators have full access to the Drata application, equivalent to Admin roles.
For security reasons, guest administrators can be invited only from approved email domains. To add a new domain, contact the Drata Customer Success Team.
Personal email addresses cannot be used to invite guest administrators.
After an invitation is sent, guest administrators may not have access for up to one hour. Invitations are processed during a scheduled data sync.
Invite a guest administrator
On the Role Administration page, scroll down and select the Guest administrators card.
Enter an email address of the guest administrator you would like to invite, and select the "Invite" button.
Double confirm.
After you send the invitation, the guest administrator receives an email. They must accept the invitation to complete setup. Until then, their status in Drata appears as Pending name set up.
Guest administrators may not have access to your account immediately. A scheduled data sync processes invitations, and access may take up to one hour.
Remove a guest administrator
On the Role Administration page, scroll down and select the Guest administrators card.
Search for the guest administrator in the table and select the 'X' next to their name.
Double confirm.
