Configuring Users

Users are consumers who interact with your organizational applications, databases, and other systems. To enable users to log into the product's management console, you create user accounts and assign them roles, which are sets of permissions. You can add individual users or import users in bulk.

Adding a new user and assigning roles

Follow the instructions below to add a new user account and configure its role.

1. On the Configure tab in the management console, click Users and Roles.
   
2. Click Users. This link is only visible to users with the Admin role.
3. Click Add New User.
4. Do the following:
   
   1. From the Domain drop-down list, select the domain of the user store where you want to create the user. The default is PRIMARY. For more information about the primary user store, see Configuring Primary User Stores.
   2. Enter a unique user name and the password that the person will use to log in. By default, the password must be at least five characters.
   3. Click Next to assign roles to the user. If you click Finish at this stage, the user will be added with the default Internal/everyone role.
5. Optionally, select the role(s) you want this user to have. If you have many roles in your system, you can search for them by name.
6. Click Finish.

A new user account is created with the specified roles and is listed on the Users page.  

Searching for users

You can search for an existing user using the search facility on the Users screen as follows:

1. Select the domain of the user store where you want to search for the user. By default, there are two options as follows:
   
   • PRIMARY: Searches within the primary user store.
   • ALL-USER-STORE-DOMAINS: Searches within all user stores configured in the system.
2. Enter the user name pattern. For example, if you enter "ab*", it returns all users that have usernames starting with "ab".
3. Click Search to see the results.

Importing users

In addition to manually adding individual users, you can import multiple users in bulk if you have exported them to a comma-separated values (.csv) file or Microsoft Excel (.xls) file. It is possible to import the username and password directly from the CSV/Excel to the product. Other user attributes can be imported only if claim URls are defined for such attributes in the product. For example, consider that you have claim URls defined for your product as shown below. These will allow you to import the user's email address, full name, last name, given name and role in addition to the username and password.

The username, password and other attributes (claim URls) that you import should be given in a CSV file as shown below. Note that the first line of the file will not be imported considering that it is not a username.

1. On the Users screen, click Bulk Import Users.
2. Browse and select the file that contains the user data. 
3. Specify a default password to assign to all the users you are importing and click Finish. This password is valid for only 24 hours, so you should inform your users that they must log in and change their password within 24 hours.

Customizing the user's roles and permissions

Each role specifies a set of permissions that the user will have when assigned that role. After creating a user, you can assign and remove roles for that user by clicking Assign Roles in the Actions column. To see which users a role is already assigned to, click View Users next to the role.

You can also customize which permissions apply to this user by clicking View Roles in the Actions column of the Users screen and then selecting the permissions from each role that you want this user to have.

Deleting an existing user

 Follow the instructions below to delete a user.

1. On the Configure tab in the management console, click Users and Roles. 
2. Click Users. This link is only visible to users with the Admin role.
3. In the Users list, click Delete next to the user you want to delete, and then click Yes to confirm the operation.