The System Settings > User menu item allows system administrators and the Super user to administer and delete users registered in the system or create new users.
Contents
Creating users
System administrators with the necessary permission and the Super user can create new users. To create a new user, the button with the plus sign must be clicked.
|
Email
The primary email address of the new user. After the user has been created, additional email addresses can be stored and the primary email address can be changed.
Username
An optional unique username which can be used for system login.
The username, after creating a user, can no longer be changed via the system settings. Only the users themselves can change the username via My Profile.
First name, family name, gender
Personal data of the user.
Language
The language of the user. Used for the rendering of the management interface.
By clicking on "Create profile", the new user is created with the minimum information. After creating a user, further configurations can be made. See User administration.
User administration
Users registered in the system can be administered by system administrators with the necessary permission and by the super user. The user's email addresses, connected accounts and security aspects can be configured.
System administrators cannot administer themselves.
Profile properties
The profile properties provide an overview of the respective user. The following information is displayed:
Dsiplay name
The display name of the user consisting of first and last name.
Primary email address
The user's primary email address, if any. For more information about the primary email address, see My Profile.
Benutzername
The username of the user, if any. For more information about the username, see My Profile.
ID
The internal ID of the user.
Creation date
The date on which the user was created / registered. By hovering the mouse cursor over the information, the exact date becomes visible.
Information tags
There can be a number of tags that reveal information about the registered user at a glance:
(In-)Active
Whether the user is active or inactive. Inactive users cannot log in.
System admin
Reveals whether the user is a system administrator, i.e. has access to the system settings. As soon as a user is assigned system permissions, he is a system administrator.
Cannot sign in
This note appears when the user has no possibility to log in to the management interface. This is the case when the user is assigned a associated account whose login service is not enabled for the login screen of the administration interface. Or the user does not have a linked account or a password. If the system login is disabled on the login screen, users will also not be able to log in with an assigned password.
|
Profile is active
The profile of users can be switched (in)active. Inactive users are not able to log in.
Permissions
In the Permissions section, various permissions can be assigned to the user. Two types of permissions can be assigned: General permissions & System permissions.
|
General permissions
Permissions for accessing support and help
Systemberechtigungen
Permissions that give the user access to the system settings. Users with system permissions are also called system administrators.
Emails
The Emails section is similar to the Emails section of My Profile. Every email stored in the profile is listed here. The same actions are available. For more information about the email addresses of a profile, see My Profile. The adminstrative view extends the Emails section with administrative actions, which are indicated by the 
icon. In the following, only the adminstrative actions will be explained. For explanations of the general email actions, see My Profile.
|
icon.Use as primary email
This adminstrative action directly sets the selected email address as the user's primary email address. No email confirmation is required. See Primary email for more information.
Verify
This administrative action marks the selected email address as verified without the need for email confirmation. See Verify email for more information.
Merge profiles
This adminstrative action appears when an unverified email address is already used by another profile (verified in another profile). By clicking on "Merge profiles" the two profiles will be merged directly. No email confirmation is required. See Merging profiles for more information.
Connected Accounts
The Connected Accounts section is similar to the Connected Accounts section from My Profile. Each connected account is listed here. The same actions are available. For more information about the connected accounts of a profile, see My Profile. The adminstrative view extends the Connected Accounts section with administrative actions, which are indicated by the 
icon. In the following, only the adminstrative actions will be explained. For explanations of the general actions of this section, see My Profile.
|
icon.Remove
This administrative action removes the connection of the selected account directly. No email confirmation is needed. See Remove account connection for more information.
Connect new account
Connecting a new account to the user profile is slightly different from connecting an account from the My Profile page. Instead of prompting the user to log in, the administrative account connection wizard appears. This requires the following information:
Login service
The login service specification determines the identity provider that provides the account to be connected.
User identifier
Specifying the user's identifier within the selected login service / identity provider.
After the necessary information has been entered and the account connection has been created by clicking "Connect account", it will be displayed in the overview of connected accounts. After the connetion is created, no information email is sent to the user that this has been done.
|
Security
The Security section is similar to the Security section of My Profile. The security configurations of the profile are displayed here. The same actions are available. For more information about the security of a profile, see My Profile. The adminstrative view extends the Security section with administrative actions, which are indicated by the 
icon. Only the adminstrative actions and differences will be explained below. For explanations of the general actions of this section, see My Profile.
|
icon.Generate new password
This Adminstrative action allows the user to assign a new, random, password policy compliant password. After clicking the button, the password will appear once. The password should be remembered. After saving, the password cannot be displayed again and it will take effect.
|
Two-factor authentication
In the admin view, two-factor authentication cannot be set to via Authenticator app. Using two-factor authentication via Authenticator app requires registration by the user and can only be started from My Profile. For more information on two-factor authentication, see here.
User information
The User Information section is similar to the section from My Profile.
Reset login attempts
If a user tries to log in several times with the wrong password or enters the wrong authentication code several times during two-factor authentication, the user will be blocked for a certain period of time. Blocked users will not be able to log in for the period of the block. How long the lockout is and how often an incorrect login is required to trigger a lockout can be configured in the application properties.
System administrators and the Super user can remove this lock by selecting the affected user and clicking the "Reset login attempts" button.
|
Deleting users
Each user can be deleted in the adminstrative user overview. To delete, select the user and then click the "Delete" button. To confirm the deletion, the ID of the user must be entered.
|
System administrators cannot delete themselves.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article
