Users are consumers who interact with your organizational applications, databases or any other systems. These users can be a person, a device or another application/program within or outside of the organization's network. Since these users interact with internal systems and access data, the need to define which user is allowed to do what is critical. This is how the concept of user management developed. To enable users to log into the product's management console, you create user accounts and assign them roles, which are sets of permissions. You can add individual users or import users in bulk.
Follow the steps below to create users and assign them to roles that you created in section User Roles in the API Manager.
- Log on to the Management Console and select Users and Roles from the Configure menu.
Click Users in the User Management window that opens.
Click Add New User.
The Add User page opens. Provide the user name and password and click Next. The Domain drop-down list contains all user stores configured for this product instance. By default, you only have the PRIMARY user store. To configure other user stores, see Configuring User Stores.
Select the roles you want to assign to the user. In this example, we assign the user the
creator
role defined in section User Roles in the API Manager.Click Finish to complete. The new use appears in the Users list.
From here, you can change the user's password, assign different roles or delete it. Since the apicreator user is assigned the creator role, it now has permission to create and manage APIs through the API Manager. Similarly, you can create users and assign them the publisher and subscriber roles.
Using the e-mail as the username
When adding a user, if you provide an e-mail address as the username, modify the following files accordingly:
- In
<AM_HOME>/repository/conf/carbon.xml
file, set<EnableEmailUserName>true</EnableEmailUserName>
In
<AM_HOME>/repository/conf/api-manager.xml
file, set<LoginConfig> <UserIdLogin primary="true"> <ClaimUri></ClaimUri> </UserIdLogin> <EmailLogin primary="false"> <ClaimUri>http://wso2.org/claims/emailaddress</ClaimUri> </EmailLogin> </LoginConfig>
In
<AM_HOME>/repository/conf/user-mgt.xml
file, set<UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager"> ... <Property name="IsEmailUserName">true</Property> <Property name="UsernameWithEmailJavaScriptRegEx">[a-zA-Z0-9@._-|//]{3,30}$</Property> ... </UserStoreManager>