.png?sv=2019-07-07&sig=sVEITm3liYCkbbatJqm7mRFmW3YHZD8pJ%2BZY5fRC%2BAk%3D&spr=https%2Chttp&st=2022-12-05T23%3A49%3A32Z&se=2022-12-05T23%3A59%3A32Z&srt=o&ss=b&sp=r){kind=logo}
Manage Users
- 15 Sep 2022
- 4 Minutes to read
-
Print
-
DarkLight
-
PDF
Manage Users
- Updated on 15 Sep 2022
- 4 Minutes to read
-
Print
-
DarkLight
-
PDF
Implement Axonius Role Based Access Control (RBAC) by assigning each Axonius user to a specific role. A role consists of a predefined set of permissions for working with Axonius pages and capabilities. This means that any changes to the role permissions will affect all the users to whom the role is assigned.
See Manage Roles for more information about managing roles.
To open the Manage Users page, from the top right corner of all pages, click 
. The System Settings page opens. Then, click the Manage Users tab.
The page displays the list of defined Axonius users, and each user's role and permissions.
Adding a New User
- From the Manage Users tab on the System Settings page, click Add User.
The User drawer appears.
- Specify the following user details:
- User Name (required) - The user name of the user as it should appear in the Axonius system. This is a unique field and cannot be changed. Note that the user name is case sensitive.
- First Name and Last Name (optional) - The first and last name of the user.
- Email (optional) - The email of the user. This is used to create or to reset a password.
- Department (optional) - The department in which the user works.
- Job Title (optional) - The job title of the user.
- Role (required) - Select a role from the predefined roles. Roles can be reassigned later per user or by using bulk operation. Axonius provides a few predefined roles. You can set more roles according to your own requirements.
- Password mode (required) - Select one of the following:
- Set password - The Password field will contain the password to associate with the user.
- Generate reset password link - This generates a reset password link URL which you can copied or send to the user, where they can set their own password.
- Click Save.
Note:
If you are using an Identity Provider Login, for example SAML, any user logging in for the first time is added to the users list. The user is assigned to a role based on the configured role assignment rules. For details, see Identity Provider Settings .
Editing an Existing User
-
To update an existing user, from the Manage Users tab on the System Settings page, click a user record.
The User drawer appears.
-
Update the user's configuration:
- For internal users, you can change the user's: first name, last name, email, department, job title, role or password.
- For external users (SAML/LDAP), you can update:
- Role (required) - Change the user's role.
- Add Ignore role assignment rules (required, default: False) - select whether to enforce the current user's role regardless of the Role Assignment Settings configuration under the Identity Providers Settings.
- If enabled, the user's assigned role will remain as is and will not be evaluated on future logins.
- If disabled, the user's assigned role may be changed on future logins, depending on the Role Assignment Settings configuration under the Identity Providers Settings.
-
Click Save.
Notes
- You can only edit internal users who were created in Axonius by an Admin or by any other authorized user.
- Only Admin users can modify the system default Admin user. Allowed changes are limited to email and password.
Reset a User Password
- To reset a password for an existing user, from the Manage Users tab on the System Settings page, click a user record.
The User drawer appears.
- You can choose to reset a password using one of the following methods:
- Setting a new password manually
- Enter a new password in the Password field and then click Save.
- Creating a reset password link for the user to reset their own password.
- Click the Reset Password icon.
- A new reset password link will be generated each time and will be visible in a dialog.
- The reset password link is valid according to the expiration configured in the Password Reset Settings.
- The reset password link also expires when the user sets a new password through the reset password link or when a new reset password link is generated for this user.
- The reset password link can either be copied or sent by Email (If an Email server is configured in the Email Settings).
- Setting a new password manually
Deleting Single or Multiple Users
To delete a user, from the Manage Users tab on the System Settings page, click a user record, and then click Delete ( 
).
You can also select multiple users, and from the Actions menu, select Delete Users.
Note:
The system admin user cannot be deleted.
Re-assign Role to Single or to Multiple Users
To re-assign role to a single or to multiple users:
- From the Manage Users tab on the System Settings page, select the relevant users, click the Actions menu and select Assign Role.
- In the dialog, select the role to be assigned for the selected users and click Assign.
Search and Filter of the User Display
Use the Search bar at the top of the page to find a specific user and to filter the list of users displayed.
- Search - Enter a user name, first name, last name, email, department or job title to search by one of these parameters; the system returns all users whose details contain these values.
- Role - Select a role, to filter the display by role. This includes both the system roles, and any custom roles that were added. All users with that role are displayed. Click Clear All to clear all selections.
- Source - Use Source to filter the display users according to their Identity Providers Settings: Internal, LDAP or SAML. Click Clear All to clear all selections.
- Date - Use the date picker to filter the display by users whose last login was on a certain date or in a certain date range.
Click Reset to clear the search and filters.