In a strongDM organization, there are two types of users: User, and Service Account. A User is an entity that represents any individual member of your organization who can log in to the strongDM GUI and CLI on their local machine or to the Admin UI. A Service Account is a slightly different type of entity that allows for programmatic access to strongDM resources.
Both Users and Service Accounts are provisioned within the Admin UI.
All permanent access privileges are granted to Users through Role Membership, via the Static and Dynamic Access Rules that have been defined for that Role. The Roles that a User belongs to will determine what resources the User can access. The only way to grant access directly to Users is through Temporary Access.