The User Management feature allows an administrator to create login users and manage permissions of the users. A user can be associated with a role which is pre-defined in ConnectALL. User Management is only accessible to the admin user.

Roles & Permissions

Role

Permissions

CA-ADMIN

<ALL> User Management, Dashboard, License Configuration, ConnectALL core service configuration, Monitor Server Logs. A CA-ADMIN can, 

  • Access, modify, clone, and delete all the automations, irrespective of the group. And has unrestricted access to all the features.
  • Access the Metrics page and view the reports.
  • View and edit the Value Stream Visualization layout, can upload and delete icons from the Value Stream Visualization layout.

ADMIN

Create / Modify / Enable/ Delete / Clone — Mapping, Dashboard, Bulk Link Configuration, Monitor Server Logs for that group. An ADMIN can, 

  • Modify, clone, and delete all the information for the automations tagged in the group (an ADMIN belongs to). 
  • Access User Management screen, Alarm configuration screen but not for other advanced configurations.
  • Access the Metrics page, view the reports, and monitor server logs. View and edit the Value Stream Visualization layout.
Editor

Modify/Enable — Configuration, Entity Mapping, Field Mapping, Dashboard, and Bulk Link Configuration. Further, an 'Editor' can edit all the information of the automations including server URLs (but only for the automations tagged in the group, the 'Editor' belongs to). An 'Editor' can also view and edit the Value Stream Visualization layout.

CONTRIBUTOR

Modify/Enable — Entity Mapping, Field Mapping, Dashboard, and View – Configuration, Bulk Link Configuration. Note that a 'Contributor' will not be able to make any changes to the connection, but can make changes in Entity and Field Mapping tabs, for the automations tagged to the contributor's group. A 'Contributor' can also view and edit the Value Stream Visualization layout.

USER

View Mapping and Dashboard screens. A 'User' does not have access to modify the automations and can view only the configurations. In addition, the users are allowed to view and edit the Value Stream Visualization layout. 

  • An 'admin' is the only user who has a CA-ADMIN role. Also, the CA-ADMIN role cannot be assigned to any other user.
  • When a new user tries to log in using SAML authentication, the email address that you provide here for the CA-Admin will get an email notification about the new user login.

To go to the User Management screen,

  1. Click the user icon at the top right corner of the navigation bar, and
  2. Click the User Management option from the drop-down list.

The User Management screen will be displayed. This screen allows you to create and edit users, groups, teams, manage API Keys, and generate user login reports. 

Users

To add a new user,

  1. Click the user icon at the top right corner of the navigation bar.
  2. Click the User Management option from the drop-down list.
  3. Click the Users tab. (If you've already created any users, they will be listed on this screen.)
  4. Click Add User to add a new user. (To modify an existing user, click the edit icon () against a user). The User Administration screen will be displayed.
  5. In the User Administration screen, provide the following:
    1. User Name
    2. Password
    3. Email address
    4. Select a Role
    5. Select a Group (that you want the user to belong)
  6. Click Save.

You have finished creating a user, and it will be displayed in the list. 

*To add an LDAP user, click the Add LDAP User option to select it (so that the user will be added as an LDAP user). The password cannot be provided for an LDAP user as it will use the LDAP password to log in.   

Groups

This is an additional level of security offered by ConnectALL. You can logically group automations into a group and associate the group to a user. This option restricts access to the automations which are not relevant to a user. If you click on the edit button displayed against a group, the associated automations of the group will be listed (if you have already associated automations with groups).

  1. Click the user icon at the top right corner of the navigation bar.

  2. Click the User Management option from the drop-down list.

  3. Click the Groups tab. It will be listed on this screen if you've already created any group. (To modify an existing group, click the edit icon () against a group.) 

  4. Click Add Group to add a new group. The Group Administration screen will be displayed.

  5. In the Group Administration screen, 

    1. Provide a Group Name for the new group.

    2. Select the Connections and Automations that you want to associate with this group. 

  6. Click Save Group

You have finished creating a group, and it will be displayed in the list. 

Teams

Teams are actually sub-groups that can be created within groups and can be used to categorize or group the automations. A team can be associated only with one group. You can associate connections, automations, and users to a team. When you've associated a user with a team, that user will be able to view only the automations that are associated to the team. (A user can be part of multiple teams, and can be associated with a team only through the Users tab.)

To add a new Team,

  1. Click the user icon at the top right corner of the navigation bar.
  2. Click the User Management option from the drop-down list. 
  3. Click the Teams tab.
  4. Select the group under which you want to create the team. If you have already created any team under the group that you selected, those teams will be displayed.
  5. Click Add Team. The Team Administration screen will be displayed.
  6. In the Team Administration screen,
    1. Provide a Team Name.
    2. Select a Team Group.
    3. Select the Connections and Automations that you want to associate with this team.
    4. Select the users that you want to be a part of this team. (Note that the users will be displayed to be selected only if they are already a part of the team's group).
    5. Click Save Team.

You've finished creating a team and it will be displayed in the User Management screen under the Teams tab.

ADMIN Role - User Management

Anyone with an ADMIN role will be able to search for other users who do not belong to the group and can add users to the available groups. To click a user to a particular user,

  1. Enter the user name of the user you are trying to search and click the search icon. The search results will be displayed. 
  2. Click the click the edit icon () against the user. The User Administration screen will be displayed (2nd image below). This screen will also display the groups where the searched user is already a member. Note that the user is already a part of the group, 'testgroup1'.
  3. Click to select the group(s) to which you want to add the user.
  4. Click Save.


 

API Key

An API Key is a token which uniquely identifies your credential. API Key can be used to authenticate ConnectALL ReST services. It allows you to create, deactivate and reactivate an API key.

The user admin can manage all the keys generated in ConnectALL. An admin can generate a key for himself. However, an admin cannot generate a key for another user, nor view the keys of other users. He can view the status of the generated keys and activate/deactivate keys though.

Generate an API Key

System admin and Group admin can generate an API Key. A user can generate an API Key for himself only. It is not possible to generate the key for another user.

View an API Key

The generated key can be viewed by clicking the View button. It is not recommended to share the generated key to others, because it represents the user and could be used to perform operations in ConnectALL via ReST API.

Activate / Deactivate an API Key

An API Key can be deactivated when not in use. An attempt to authenticate ReST services with the deactivated key will result in 401 error. The deactivate key can be reactivated later.


How to authenticate ConnectALL ReST service?

An additional query parameter apikey={CA-api-key} needs to be added in your ReST request as shown below. Example: http://{CA-host}:7070/SyncService/push?apikey={CA-api-key}

User Login Status

The User Logins tab contains the report that shows the information of the users who have not logged in x days over a period of time.