User Management in Grist?

In grist-core, i seem unable to figure out how to manage users and their access permissions at the top level: the Grist Instance.

Currently, any authenticated user is able to create new sites (personal/team).

How can i add users to Grist with restricted access permissions?