Users

Users are individuals with access to the system. Users gain access to application and network resources through the user groups to which they are assigned.

Individual users can also be assigned roles directly, without membership to a user group.

Note: The Fabric Services System uses Keycloak, a well-known and secure solution, for its identity and access management. Keycloak does not store passwords in raw text; instead, passwords are stored as hashed text, using the PBKDF2-HMAC-SHA512 message digest algorithm. Keycloak performs 210,000 hashing iterations, the number of iterations recommended by the security community. Out of security concerns, both Keycloak and the Fabric Services System do not provide any API or UI functionality to see a user's password, even hashed.

Viewing a list of existing users

Follow this procedure to view a list of existing users.
  1. Click to open the main menu.
  2. Select User and Resource Management.
  3. Select Users from the drop-down list.

Creating a new user

Follow this procedure to create a new user.
  1. From the main menu > User and Resource Management page, select Users from the drop-down list.
  2. Click + CREATE USER.
  3. In the User Info section of the overlay, enter the required job information data for the new user.
    • a user name to identify the user
    • the user's e-mail address
    • a password the user uses to sign in to the system
    • confirm the password
    • optionally, enter the user's first and last name to identify them
  4. Confirm the User Enabled toggle is enabled.
    You can also disable the user by disabling the toggle. Only enabled users are permitted access to the system.
  5. Assign the user to one or more user groups. Select Assigned User Groups from the left navigation menu.
    The user must be assigned to at least one user group to gain resource permissions. Optionally, you can create a user without assigning the user to a user group, then add the user to a user group later.
  6. Click the check box next to one or more user groups to which you would like to assign the user.
  7. Click CREATE.

Assigning a user to a user group

You must configure appropriate user groups before starting this procedure.
You can assign a user to one or more user groups. The user gains the resource permissions that are associated with the group.

Follow this procedure to assign a user to a group.

  1. From the main menu > User and Resource Management page, select Users from the drop-down list.
  2. For a specific user, click the options menu at the right end of the row.
  3. Select Open.
  4. Select Assigned User Groups from the left navigation menu.
    You can sort and filter the list of user groups.
  5. Click the check box next to one or more user groups to which you would like to assign the user.
  6. Click SAVE.

Assigning a role to a user

You can assign a role directly to a user, bypassing user groups entirely. The user gains the resource permissions specified in the role. Only one role can be assigned to an individual user.

If the user requires customized permissions that are not present in any of the existing roles in the system, you can create a custom role for the user containing the specific permissions.

Follow this procedure to assign a role directly to a user.

  1. From the main menu > User and Resource Management page, select Users from the drop-down list.
    If the user that you would like to assign the role to is not yet created in the system, create the user.
  2. For the specific user, click the options menu at the right end of the row.
  3. Select Open.
  4. Select Assigned User Roles from the left navigation menu.
    You can sort and filter the list of user roles.
  5. Select one of the listed roles to assign to the user.
    You can only select one role for a user.
  6. Click SAVE.
To confirm the assignment, you can open the role and view the list of assigned users.

Deleting a user

Follow this procedure to delete a user from the list of users.
  1. From the main menu > User and Resource Management page, select Users from the drop-down list.
  2. For a specific user, click the options menu at the right end of the row.
  3. Click Delete.
    If prompted, confirm that you want to delete the selected user.
    The user is deleted from the list of users. The user is also removed from any user group memberships.