Users
Last updated
Last updated
Within the Users section, new users can be generated.
Additionally, you can view or modify various attributes associated with the user accounts.
You can use the search box to find a specific user.
Click the Refresh button to see the latest settings.
You can also choose how many users you want to display on one screen. Select your preferred option from the dropdown menu as shown above.
You have two options for searching users: default search and attribute search.
Default search: This is the basic search feature where you can search through any part of the data.
Attribute search: After selecting Attribute search, you'll be prompted to choose the attribute with which you want to search for the user.
You can choose the specific key and value of the user/users you wish to search for.
After entering the Key-Value pair and clicking on the checkmark icon, you will be presented with the users matching that criteria.
You can select a specific user by checking the checkbox next to their name. If you wish to delete one or multiple users simultaneously, select the respective user/users and click on Delete user.
If you want to delete a single user, you can also click on the three dots next to that particular user and select the Delete option.
Upon selecting Delete, you will receive a prompt asking for confirmation, as shown below.
If you wish to remove the user, click on Delete. Otherwise, click Cancel.
To generate a new user, click on Add User.
If you need guidance, refer to the steps mentioned under Creation of User.
The Username, Email, First Name and Last Name can be edited or modified.
It includes the actions which the user needs to perform after logging in.
For example - verify Email sends an email to the user to verify their email address. Update Profile requires the user to update their profile.
This is a toggle button. When enabled (toggled ON), it enables the verification of a user's email address. When disabled (toggled OFF), the user's email address is not verified.
This is the name used by the user during creation.
It can also be used for logging into ZTrust.
The user's provided Email address during registration or in case the user has been created by the Admin. It can also be used for logging into ZTrust.
The user's First Name or the First Name provided during registration.
The Last Name provided by the user during registration, or the user's last name.
This setting enables you to join different groups for the specific user.
Clicking on Join Groups will prompt the following:
You can search for a specific group using the search box.
You can also choose how many groups you want to display on one screen. Select your preferred option from the dropdown menu as shown above.
Select the desired group by checking the checkbox next to it. After selecting the group, click on Join.
After clicking on Join, you will be directed to the screen below.
You will see the group that you have joined for that specific user.
By clicking on the 'x' symbol, you can remove this user from the group.
If you've entered the details and wish to create a user, click on Create.
If you decide not to create a user, click on Cancel to discard the changes.
After clicking on Create, you will be directed to the screen below.
It is generated automatically once a user is created.
It indicates the time period when the user was created.
It includes the actions which the user needs to perform after logging in.
For example - verify Email sends an email to the user to verify their email address. Update Profile requires the user to update their profile.
This is a toggle button. When enabled (toggled ON), it enables the verification of a user's email address. When disabled (toggled OFF), the user's email address is not verified.
This is the name used by the user during creation.
It can also be used for logging into ZTrust.
The user's provided Email address during registration or in case the user has been created by the Admin. It can also be used for logging into ZTrust.
The user's First Name or the First Name provided during registration.
The Last Name provided by the user during registration, or the user's last name.
This attribute, created as needed, refers to the user's contact number.
In the Credentials tab, the administrator can set up the password for the user.
Additionally, the Admin user has the ability to delete or reset the user's password.
Upon selecting Set password, you will receive the prompt below.
Enter the password that you wish to set for the end user.
Re-enter the password to confirm that it matches the one set previously.
This toggle button, when enabled (toggled ON), requires the user to change the password at the next login.
When toggled OFF, the user is not required to change the password.
You can toggle it ON or OFF according to your requirements.
After making changes, if you want to save the credentials, click on Save.
Upon clicking Save, you will receive the following prompt asking for confirmation.
Click on Save password if you want to save the credentials, otherwise click on Cancel.
If you decide not to save the credentials, click on Cancel.
After saving the credentials, you will be presented with the screen below.
This indicates the type of credential, such as password or OTP (One-Time Password).
This refers to the label assigned by the user to identify the credential when presented as an option during login.
You can assign any value to it that aids in recognizing the credential.
It indicates the time period when the user was created.
This represents the technical details of the credential, which are not confidential.
By default, this information is hidden.
You can reveal the data for a credential by clicking on Show data…
Upon clicking on Show data…, you will be presented with a prompt containing the following details.
These are mathematical functions that transform plaintext passwords into unique, fixed-size outputs known as hashes. These hashes are subsequently stored in databases.
It indicates how many times a password is hashed before being stored in the database.
In the Reset Password section, the Admin user can reset the password for the user.
In this tab, the Admin can configure the Password for the selected user.
The same Password must be entered again here to ensure accuracy in setting up the password.
When enabled (toggled ON), the user is required to change the password upon the next login. When disabled (OFF), the user is not prompted to change the password on the next login but can do so at their convenience.
As an Admin, when setting up a password for an end user and providing the necessary details as indicated above, you can save the password by clicking on Save.
Upon clicking Save, you will receive the following confirmation prompt:
To proceed with resetting the password for the user, select Reset Password. Otherwise, click Cancel to abort the operation.
If the credentials are no longer required, choose Delete to remove them.
You can move the credentials up and down (by dragging the rows up and down) as per the priorities.
You can use the search box to find a specific role.
Selecting this checkbox hides inherited roles, preventing you from seeing roles inherited from composites. To view inherited roles, simply uncheck this option.
Click the Refresh button to see the latest settings.
You can also choose how many roles you want to display on one screen. Select your preferred option from the dropdown menu as shown above.
It includes the list of all the different roles that are already defined in ZTrust.
This pertains to roles explicitly assigned to users and those inherited from composite roles. It can have two values: True (indicating the role is inherited from composites) or False (indicating it is not inherited from any composite role).
It refers to the description for the role which will aid you in identifying its purpose.
This field can be localized by specifying a substitution variable with ${var-name} strings.
Upon clicking the three dots, you'll encounter the option to unassign the role for that specific user. After selecting Unassign, you will receive the following prompt asking for confirmation.
Click on Remove to unassign the role, or click on Cancel to keep it assigned.
You can select the checkbox for the specific role you want to assign with this role. Click on the checkbox to select the role, then click on Assign role.
It includes Groups in which the user is a member.
To make the user a member of a specific group, select Join Groups.
Clicking on Join Groups will prompt the following:
You can search for a specific group using the search box.
You can also choose how many groups you want to display on one screen. Select your preferred option from the dropdown menu as shown above.
Select the desired group by checking the checkbox next to it. After selecting the group, click on Join.
After clicking on Join, you will be directed to the screen below.
You will see the group that you have joined for that specific user.
Click the Refresh button to see the latest settings.
This is useful if the user belongs to a child group.
By selecting this checkbox, you can directly see the child group the user is a member of. If the checkbox is unchecked, it will display both the child group and the parent group the user is part of.
You can search for a specific group using the search box.
You can also choose how many groups you want to display on one screen. Select your preferred option from the dropdown menu as shown above.
It specifies the name of the group.
It specifies the path where the group is present.
If you wish to remove the user from the group, click on Leave.
After clicking on Leave, you will receive the following prompt asking for confirmation.
Click on Leave to remove the user from that group, or click on Cancel to keep them in the group.
To remove the user from multiple groups at once, select each group by clicking the checkbox next to it. Then, click Leave.
A confirmation prompt will appear.
Click on Leave to confirm the removal, or click Cancel to abort.
This tab provides information about the clients to which the user has granted consent to access, including the default client scopes and any additional client scopes granted.
This section enables users to connect their accounts with other providers.
Under Sessions, the admin can view the clients where this user has an active session along with the following details for each session.
When enabled (toggled ON), the user can log in.
If disabled (turned OFF) for any particular user, login access is restricted for that user.
This refers to the actions that can be performed on a user account, such as Impersonate or Delete.
Clicking on Impersonate allows you to log in as that user.
If the user is in the same realm as yours, your current session will be logged out before logging in as that user.
The user can be deleted on clicking the Delete button.
Upon clicking Delete, you will receive a prompt as depicted above, requesting confirmation. Click Delete to remove that specific user, or click Cancel to retain them.
