Provided you have System Administrator privileges, you can add users to your environment and manage their properties, including their passwords and permissions.
Adding users to your environment does not automatically give them access to transactions. To access transactions, a user must either be assigned an Administrative Role that provides general app access (we'll cover how to do this below) or be designated as a participant in a specific transaction.
This tutorial will cover adding a user, viewing a list of all users in an environment, managing their properties, and granting users Administrative Role permissions.
Adding a New User
Adding a new user stores a person’s name and email address in your environment and sends a notification to them with a link to set a login password.
1. Browse to Add User
Browse to your environment’s Administration page and select Add User from the left-hand pane.
2. Provide the User's Details
In the Add User dialog, provide your new user’s Name and Email Address and select Create.
That's all there is to adding a user. The user should now receive an email with a link to create their password for logging into your environment.
Note: As mentioned above, adding a user does not automatically grant them access to transactions.
Viewing Your Environment's Users
To view all the users associated with your environment, select Corporation Users from the left-hand pane of your Administration page.
This list shows a user’s status (active, pending, or deactivated) and last sign-in date.
You'll also see a column called Roles, which displays any Administrative Role/s a user has been provided.
Note: Administrative Roles are different from those you may be familiar with creating in the Wizard and using on a Record-specific basis.
Administrative Roles have to do with a user’s permissions across your environment. You can read about Administrative Roles in the Admin Roles section of Crash Course on Security. We’ll also show you how to add Administrative Roles to a user in the next section of this tutorial.
Click on one of your users in this list to open a dialog where you can:
- View or reset the user’s authentication token,
- Change their password,
- Remove their Administrative Roles, or
- Reset their password
Change Password vs Reset Password
Note that there's a difference between changing someone's password for them and resetting someone's password.
You can set a user's password yourself using the Change Password property. To do so, select Change Password, enter the new password value, and select Update.
If you want to prompt a user to reset their password, select Reset Password.
You will also see the Deactivate and Delete User buttons when a user has no Administrative Roles assigned.
- Selecting Deactivate will prevent a user from being able to log into your environment or access its Records.
- Selecting Delete User will remove a user from your environment altogether. However, you may not delete a user who participates in any Record in the environment.
Providing Users with Administrative Roles
From your Administration page, you can also provide a user with one or more Administrative Roles, which provide user permissions across an entire corporation or app.
NOTE: You can read about the different types of Administrative Roles in the Security Layer: Admin Roles crash course on security.
1. Browse to Add Role to User
To assign an Administrative Role to a user, browse Add Role to User from the left-hand pane of your environment’s Administration page.
2. Configure the User's Admin Role
From the User dropdown, select an existing user.
In the Context dropdown, select the context in which you want to grant your user permissions. You’ll see two types of options:
- The name of every App: If you want to assign the user an App Administrator role (which applies exclusively to a specific App), select an App.
- Corporation: If you want to assign any other Administrative Role (which will apply to the entire corporation), select this option. (You'll find Corporation as the last value in the dropdown.)
Finally, select the Role type. Reference the Administrative Role table in our Crash Course on Security tutorial to find the permissions that fit your needs.
Select OK to save your changes.
Wrapping Up
That’s all there is to managing the basic properties of your environment's users. Remember that adding a user to your environment doesn’t automatically grant them access to any Records or permissions to do anything inside your environment. We recommend checking out our Crash Course on Security article to start understanding how to allow your users to do more once they've been added.