Managing Users

Users can be managed within Saltbox by users in the Tenant Admin group (see User Groups below for details).

Managing Users

To manage users, go to the Settings menu (marker 1 in the screenshot below) > Users page (marker 2 below).

From here, you can add a new user using the add button on the upper-right (marker 3 below) or edit an existing user by clicking on the user’s name (marker 4 below). You can also view basic details about your users, including the user type, whether or not they’re active, and so on. Note that you may also see Vision33 support staff listed, which are not counted in your available license count.

Once you add or edit a user, you will see the user details page. From here, you can manage the user’s general information, group access, and properties.

In the toolbar on the upper-right, you will see buttons that allow you to manage the account status and save any changes.

From left to right, these buttons are: Delete, Activate/Deactivate the User, Re-send the user’s Password (if the user has not yet logged in), and Save.

User Groups

Access to Saltbox projects and features is managed using User Groups. There are three types of groups:

  • System groups which are automatically generated for the Tenant, each Environment, and each Project.

  • Configured groups which allow Tenant Admin users to manage access on a per-asset basis.

  • App groups which allow project Designer/Manager users to manage access to specific assets within configured apps (note: this is an advanced feature and is not enabled for all tenants).

In most cases, user will be assigned to System groups.

Note that when no groups are assigned to a user, that user as no access. When multiple groups are added to a user, each group adds to the others. That is, the “most permissive group wins”.

Levels of Access

System and Configured groups enable the following levels of access:

  • User - Basic read-only or limited feature access. For example, view project settings and assets (such as workflows) but no ability to edit them.

  • Operator - User access plus the ability to execute, review and inspect basic project details. For example, as an Operator, a user can run workflows within a project.

  • Designer - Operator access plus the ability to create and modify asset details and configuration. For example, as a Designer, users can edit workflow designs, and restart a project’s engine.

  • Manager - Full access within the group’s scope. For example, Managers can perform all the tasks of a User, Operator and Designer, plus the ability to delete workflows and remove Connectors.

System Groups

Project Groups

Project groups are system groups which are created automatically upon creation of a project. Generally, each project group grants access only to the project whose name matches the specific group, and only at the given level of access.

For example, if a project is created called “Acme Integration”, then the following groups would be created automatically:

  • Acme Integration User - This group grants access to only the project called “Acme Integration” at the “User” level (i.e. read-only details of “Acme Integration”).

  • Acme Integration Operator - This group grants access to only the project called “Acme Integration” at the “Operator” level (i.e. view details and run workflows within “Acme Integration”).

  • Acme Integration Designer - This group grants access to only the project called “Acme Integration” at the “Designer” level (i.e. manage basic details of “Acme Integration”).

  • Acme Integration Manager - This group grants access to only the project called “Acme Integration” at the “Manager” level (i.e. full access to “Acme Integration”).

Environment Groups

Environment groups are system groups which are created automatically. Generally, each environment group grants access to all projects within that environment, at the given level of access. Environment Groups include:

  • Production

    • Production User - This group grants access to any project in the Production environment at the “User” level (i.e. read-only level).

    • Production Operator - This group grants access to any project in the Production environment at the “Operator” level (i.e. view details and run workflows).

    • Production Designer - This group grants access to any project in the Production environment at the “Designer” level (i.e. manage basic details).

    • Production Manager - This group grants access to any project in the Production environment at the “Manager” level (i.e. full access).

  • Staging (if enabled via tenant subscriptions)

    • Staging User - This group grants access to any project in the Staging environment at the “User” level (i.e. read-only level).

    • Staging Operator - This group grants access to any project in the Staging environment at the “Operator” level (i.e. view details and run workflows).

    • Staging Designer - This group grants access to any project in the Staging environment at the “Designer” level (i.e. manage basic details).

    • Staging Manager - This group grants access to any project in the Staging environment at the “Manager” level (i.e. full access).

  • UAT (if enabled via tenant subscriptions)

    • UAT User - This group grants access to any project in the UAT environment at the “User” level (i.e. read-only level).

    • UAT Operator - This group grants access to any project in the UAT environment at the “Operator” level (i.e. view details and run workflows).

    • UAT Designer - This group grants access to any project in the UAT environment at the “Designer” level (i.e. manage basic details).

    • UAT Manager - This group grants access to any project in the UAT environment at the “Manager” level (i.e. full access).

  • Development

    • Development User - This group grants access to any project in the Development environment at the “User” level (i.e. read-only level).

    • Development Operator - This group grants access to any project in the Development environment at the “Operator” level (i.e. view details and run workflows).

    • Development Designer - This group grants access to any project in the Development environment at the “Designer” level (i.e. manage basic details).

    • Development Manager - This group grants access to any project in the Development environment at the “Manager” level (i.e. full access).

Tenant Groups

Tenant groups are system groups which are created automatically. Generally, each tenant group grants access to all projects, at the given level of access. Tenant Groups include:

  • Tenant User - This group grants access to all projects and assets within those projects at the “User” level (i.e. read-only level).

  • Tenant Operator - This group grants access to all projects and assets within those projects at the “Operator” level (i.e. view details and run workflows).

  • Tenant Designer - This group grants access to all projects and assets within those projects at the “Designer” level (i.e. manage basic details).

  • Tenant Manager - This group grands access to all projects and assets within those projects at the “Manager” level (i.e. full access).

  • Tenant Admin - In addition to the above tenant groups which grant access to projects, the Tenant Admin group grants access to administrative features. Tenant Admin does not grant access to any projects, but does grant access to manage user access to projects (as well as other features). Settings that can be managed by Tenant Admin users include:

    • Saltbox App Hosts - App hosts are the infrastructure that support projects. These may be cloud containers or dedicated app servers on AWS EC2. From this page, admins can view host statuses, as well as restart hosts (which will temporarily pause all project engines that run on that host)

    • Tenant Details - View tenant information including users and subscriptions.

    • Users - User details can be managed from this page, including the user’s group assignments and properties.

    • User Properties - Properties can be created which support advanced functionality such as reports. Once created, the Users page can be used to assign these properties to each user. For example, an employee ID may be assigned that allows configured reports to filter data automatically based on the user’s assigned ID.

    • Groups - Manage system, configured and app groups. From this page, multiple users can be assigned to a group.

    • System Information > Audit Trail - View auditable details, such as tenant-wide engine restart times and Connector changes.