User Management
User Management as described here refers to Normalen Mandanten with Dashboard function.
There are five other sub-functions in this area.
User | Zugriffsrechte and system roles of a user can be viewed and edited here. Users can also be invited to or removed from the Mandant. |
Legacy User | Users with Zugriffsrechte from Clients, which are at a higher level than this Client and have been inherited, can be viewed here. |
Indiv. Roles | Individual Rollen can be managed and assigned to specific users here. |
Pending Invitations | Invitations to users that have not yet been accepted can be viewed here. |
Pending Requests | Only relevant for "öffentlichen Mandanten": Every request (user wants to be unlocked for client) is displayed here. |
Sub-function "User"
Add Access Right
Access Rights
Access rights are only applied to the Grundlagen Administration of a Client. A distinction is made between the rights Read, Manage and Create.
Read → It is possible to view the administration of the Client
Manage → It is possible to edit the administration of the Client, manage Users and accept Verträge und Richtlinien.
Create → It is possible to create new Clients and distribute quota to subordinate Clients.
Access rights are automatically inherited by sub-clients.
To add an access right, click the "+" button, the following pop-up window then opens. By clicking the desired right, it is added automatically.
Remove Access Right
An access right can be removed by clicking the "x" on the right to be removed. Clicking the "x" opens the following pop-up window. Here you can select whether the access right is only to be removed locally or whether all legacies (related to sub-clients) are to be removed.
Add System Roles
System Roles
A Role allows access to the Dashboard, Configuration and Commissioning elements of a Client with specific Rechte. System Roles are default roles with unchangeable predefined rights.
A distinction is made between the following System Roles in the "User" sub-function:
Read User → It is possible to view the following elements of the Client: Dashboards, Konfiguration and Inbetriebnahme
Read/Write User → It is possible to edit the following elements of the Client: Dashboards, Konfiguration and Inbetriebnahme. The Read User system role is included.
Super User → It is possible to manage Zugriffsrechte in the Konfigurationsstruktur. The Read/Write User system role is included.
For data protection reasons, the role rights specified here must always be granted again separately for sub-clients. Only the option to access the administration (access rights) is automatically inherited.
To add a System Role, click the "+" button, the following pop-up window then opens. By clicking the desired System Role, it is added automatically.
Remove System Roles
A System Role can be removed by clicking the "x" on the role to be removed.
Add User
If you want to invite a user into a client, you only need to do this within the desired client as described below. The user does not automatically have access to the higher-level clients, but does have access to all sub-clients (access rights only).
Users which are unknown to the system receive an invitation link per mail, which is valid for 12 hours. When this time has expired, the users can work via the "forgot password" function to accept the invitation.
To invite a user or to add a client, click the "+" button (see above), the pop-up window below then opens. Suitable rights can be assigned to the user at the same time as the invitation. To do this, simply open the "Roles and Access Rights" area and click the "+". The invitation can then be sent. The invited user then receives a message via the user feed with a request to accept.
Remove User
To remove a user, click the trash can icon.
The following pop-up window opens:
Search Users
The search bar allows you to search for users by their username.
If there is a match, the filtered users are displayed.
Sub-function "Legacy User"
This sub-function displays all users who have access rights from parent clients. Access rights are automatically inherited from clients to sub-clients.
Sub-function "Individual Roles"
Individual Role
An individual role allows access to Dashboards, Commissioning and Configuration of the client with previously self-configured individual rights. This can be used, for example, to grant or deny access to very specific elements of the configuration.
You can create a new individual role in the configuration of the respective client under the configuration widget "Rolle" in each group. After it has been created and saved, it appears in the "Administration" in this sub-function by clicking the "+". You can now assign individual rights to this individual role in the respective group. For more information see chapter Zugriffsrechte.
An individual role can be assigned additionally to a system role. Multiple users can be assigned to a role. Multiple individual roles can be created.
Remove User from Individual Roles
To remove a user from an individual role, click the following icon:
Sub-function "Pending Invitations"
Invitations that were sent to a user but not yet accepted are displayed here.
Sub-function "Pending Requests"
The function is only relevant for "öffentlichen Mandanten", as this concerns requests from users who want to be activated in public clients.
