- 27 Aug 2024
- 6 Minutes to read
- Print
- DarkLight
- PDF
Managing Users
- Updated on 27 Aug 2024
- 6 Minutes to read
- Print
- DarkLight
- PDF
Implement Axonius Role Based Access Control (RBAC) and compartmentalized access by assigning each Axonius user to a specific role and data scope. A role consists of a predefined set of permissions for working with Axonius pages and capabilities. This means that any changes to the role permissions will affect all the users to whom the role is assigned. Assign users a data scope to control the data each user can see.
See Manage Roles for more information about managing roles.
To manage Users:
- From the top right corner of any page, click . The System Settings page opens.
- In the Categories/Subcategories pane of the System Settings page, expand User and Role Management, and select Users.
The page displays the list of defined Axonius users, and each user's role and permissions.
User Actions
Actions are available when you hover over a table row or select one or more Users in the table.
To delete Users:
- On the Users page, hover over a user or select one or more users. The More Actions menu is available.
- From the More Actions menu, select Delete to delete one or more users.
You can also delete users from the User Details drawer.
To assign a Data Scope:
- On the Users page, hover over a user or select one or more users. The More Actions menu is available.
- From the More Actions menu, select Assign Data Scope.
- Select a Data Scope from the list and click Assign.
To assign a role:
- On the Users page, hover over a user or select one or more users. The More Actions menu is available.
- From the More Actions menu, select Assign Role.
- Select a role from the list and click Assign.
Adding a New User
- From the Users page, click Add User. The New User drawer appears.
In the New User drawer, specify the following user details:
User Name (required) - The user name of the user as it should appear in the Axonius system. This is a unique field and cannot be changed. Note that the user name is case sensitive.
Role (required) - Select a role from the predefined roles. Roles can be reassigned later per user or by using bulk operation. Axonius provides a few predefined roles. You can set more roles according to your own requirements.
Main Data Scope - Select the Data Scope this user has access to when they log in to Axonius. Data Scopes determine what data, dashboards, queries and other objects a user can see. See Data Scope Management for more information on Data Scopes. The Data Scope name appears in the Data Scope column on the Users page. Admin users are automatically assigned the Global Data Scope.
Authorized Data Scopes - Users with the "Move between Data Scopes" permission can access other Data Scopes in addition to the Main Data Scope selected above. Select one of the following:
- All data scopes - Available only for users with Global Data Scope as their main Data Scope. Select if this user is authorized to connect to all Data Scopes.
- Specific data scopes - Select if this user is authorized to connect to specific Data Scopes only. Select the authorized Data Scopes from the list.
NOTEAdmin users with the Manage data scopes permission can assign Data Scopes to other users.Password (required) - Select one of the following:
- Generate reset password link - This generates a reset password link URL which you can copied or send to the user, where they can set their own password.
- Set password - The Password field will contain the password to associate with the user.
Under Optional Details, enter these details for the user:
- First Name and Last Name - The first and last name of the user.
- Email - The email of the user. This is used to create or to reset a password.
- Department - The department in which the user works.
- Job Title - The job title of the user.
- Click Save.
Editing an Existing User
To update an existing user, from the Users page, click a user record.
The User drawer appears.
Update the user's configuration:
- For internal users, you can change the user's: first name, last name, email, department, job title, role or password.
- For external users (SAML/LDAP), you can update:
- Role - Change the user's role.
- Add Ignore role assignment rules - Select whether to enforce the current user's role regardless of the Role Assignment Settings configuration under the Identity Providers Settings.
- If enabled, the user's assigned role will remain as is and will not be evaluated on future logins.
- If disabled, the user's assigned role may be changed on future logins, depending on the Role Assignment Settings configuration under the Identity Providers Settings.
Click Save.
- You can only edit internal users who were created in Axonius by an Admin or by any other authorized user.
- Only Admin users can modify the system default Admin user. Allowed changes are limited to email and password.
Reset a User Password
- To reset a password for an existing user, from the Users page, click a user record.
The User drawer appears.
- You can choose to reset a password using one of the following methods:
- Setting a new password manually
- Enter a new password in the Password field and then click Save.
- Creating a reset password link for the user to reset their own password.
- Click the Reset Password icon in the title bar of the user drawer.
- A new reset password link will be generated each time and will be visible in a dialog.
- The reset password link is valid according to the expiration configured in the Password Reset Settings.
- The reset password link also expires when the user sets a new password through the reset password link or when a new reset password link is generated for this user.
- The reset password link can either be copied or sent by Email (If an Email server is configured in the Email Settings).
- Setting a new password manually
Deleting Single or Multiple Users
To delete a user, from the Users page, click a user record, and then click Delete ( ) in the title bar.
You can also select multiple users, and from the Actions menu, select Delete Users.
Reassign Role to Single or to Multiple Users
To reassign role to a single or to multiple users:
- From the Users page, select the relevant users, click the Actions menu, and select Assign Role.
- In the dialog, select the role to be assigned for the selected users and click Assign.
Search and Filter the Users List
Use the Search bar at the top of the page to find a specific user and to filter the list of users displayed.
- Search - Enter a user name, first name, last name, email, department or job title to search by one of these parameters; the system returns all users whose details contain these values.
- Role - Select a role, to filter the display by role. This includes both the system roles, and any custom roles that were added. All users with that role are displayed. Click Clear All to clear all selections.
- Source - Use Source to filter the display users according to their Identity Providers Settings: Internal, LDAP or SAML. Click Clear All to clear all selections.
- Date - Use the date picker to filter the display by users whose last login was on a certain date or in a certain date range.
Click Reset to clear the search and filters.
Exporting User Data to CSV
You can export Users table data to a CSV file.
To export user data to CSV:
- Above the right side of the Users table, click Export CSV. The file is automatically downloaded to your local computer.
For general information about working with tables refer to Working with Tables.