Create User
You can grant users to access Orchestrate features by adding users to user groups with specific permissions.
Just-In-Time User Provisioning
You can automatically onboard users using Just-In-Time (JIT) user provisioning, without manually creating user accounts. With Single Sign-On (SSO) through the Security Assertion Markup Language (SAML), you can automatically create and authenticate users. To configure SAML, see Configure SAML 2.0 as the Authentication Method.
Before you Start
Ensure that you have View and Create & Update User Management permissions.
Ensure that you have configured email server settings to receive emails when a password is generated or when a password is reset. To configure email server settings, see Configure Email Server.
Steps
To create a user, follow these steps:
Go to Admin Panel > User Management.
Click Add User and enter the following details:
First Name: Enter the first name of the user. For example, John.
Last Name: Enter the last name of the user. For example, Doe.
Read-Only User: Turn on the toggle to set the user as a read-only user with restricted permissions and list read-only user groups in User Groups. For more information about permissions, see User Groups Permission Set.
Note
Your license includes a specific limit for creating read-only users. A read-only user can be added to multiple user groups but remains categorized as a single read-only user.
User Groups: Select one or more user groups to assign the group permissions to the user.
Username: Enter the username for the user. For example, John. You cannot edit the username after user creation.
Email: Enter the user's email address to send emails from Orchestrate.
Password: Enter the password within 50 characters for the user to sign in if Create Password for New Users in the Authentication enabled. For more information about password strength and authentication, see Configure Username and Password as the Authentication Method.
Confirm Password: Re-enter the password to verify the password.
Note
The password cannot be modified after creation.
Bot User: Select the checkbox to mark a user as a bot user. A bot user is used to define the permissions of an OpenAPI. An OpenAPI has the same permissions as the user group of the associated bot user.
Note
You can mark a user as a bot user only during the initial user creation process and cannot be edited later.
Turn on the toggle to set the user's status to active or inactive. By default, the status is active.
Click Create.
An invite email is sent to the user’s email address. The user can follow the on-screen procedure to get started with Orchestrate.
Reset Password Link
You can re-invite users to the application by resending the reset password link to resolve the login issues for an existing user and ensure secure and efficient user management
Before you Start
Ensure that you have Create and Update User Management permissions.
Steps
To resend a reset password link, follow these steps:
Select the user, click on the vertical ellipsis, and select Reset Password.
A reset password email is sent to the user's email address.
Manage Users
After you add a user, you can perform the following additional tasks:
To edit a user's details, click on the user and edit the first name, last name, and user groups. You can change a read-only user to a user which will revoke all the view permissions and assign the user with selected user groups permission.
To export the user details, click on Export at the upper right. A CSV file will be downloaded with details such as name, email, groups, created by, created on, modified on, last active, and status.
To search users by email or name, click on Search Users and enter the name or email of the user.
To filter the users based on the created range, modified range, and status, click on Show Filters and select the filters.