Skip to main content

User Enrollment

Page 2.2.1: Enabling User Enrollment

Introduction

User enrollment allows individuals to create their own user accounts, which is particularly useful in environments where multiple people need access to the inventory system. Administrators can enable or disable this feature based on their preferences.

Steps to Enable User Enrollment

  1. Log In as Administrator

    • Access the web interface and log in using your administrator credentials.

  2. Navigate to Settings

    • Click on the "Settings" icon or select "System Settings" from the menu.

  3. Access User Management Settings

    • Within the settings page, locate the "User Management" or "Authentication" section.

  4. Enable User Enrollment

    • Find the option labeled "Allow User Enrollment" or "Enable User Sign-Up".
    • Toggle the switch to "On" or check the box to enable.

  5. Configure Enrollment Options (Optional)

    • Email Verification: Require new users to verify their email address before activating their account.
    • CAPTCHA: Add a CAPTCHA to the registration form to prevent spam.
    • Default User Role: Set the default permissions for new users (e.g., Viewer, Editor).

  6. Save Changes

    • Click the "Save" or "Apply Changes" button to update the system settings.

  7. Confirmation

    • A message should confirm that user enrollment is now enabled.

Security Considerations

  • Monitor Registrations

    • Regularly review new user accounts to ensure they are legitimate and authorized.

  • Set Strong Default Permissions

    • Assign minimal permissions to new users by default and adjust as necessary.

  • Implement Verification Steps

    • Use email verification or administrator approval to validate new accounts.

Disabling User Enrollment

  • If you wish to disable user enrollment at any time, repeat the steps above and toggle the "Allow User Enrollment" option to "Off".

Page 2.2.2: Administrative User Management

Introduction

Administrators have full control over user accounts within the system. This includes creating new users, editing existing accounts, resetting passwords, and managing user roles and permissions.

Accessing User Management

  1. Log In as Administrator

    • Use your administrator credentials to access the system.

  2. Navigate to User Management

    • Click on the "Users" or "User Management" tab, typically found in the main menu or settings area.

Creating a New User

  1. Click on "Add User"

    • Locate and click the "Add User" button.

  2. Enter User Details

    • Username: Input a unique username for the new user.
    • Email Address: Provide the user's email address (optional but recommended).
    • Password: Set an initial password or allow the system to generate one.
    • Role/Permissions:
      • Assign a role such as User, Editor, Manager, or Admin.
      • Customize permissions if the system allows granular control.

  3. Configure Additional Settings (Optional)

    • Force Password Change: Require the user to change their password upon first login.
    • Account Activation: Decide whether the account is active immediately or requires verification.

  4. Save the User

    • Click "Create", "Save", or "Add User" to finalize the process.

  5. Notify the User

    • Send the new user their login credentials securely, preferably through an encrypted method or in person.

Editing an Existing User

  1. Select the User

    • From the user list, click on the username of the account you wish to edit.

  2. Modify User Details

    • Update fields such as username, email, role, or permissions.
    • Reset the password if necessary.

  3. Save Changes

    • Click "Update" or "Save Changes" to apply the modifications.

Disabling or Deleting a User

  1. Select the User

    • Find the user in the list and click on their profile.

  2. Choose an Action

    • Disable Account:
      • Temporarily prevent the user from logging in.
      • Useful for suspending access without deleting data.
    • Delete Account:
      • Permanently remove the user from the system.
      • Optionally, delete or reassign any nodes or data associated with the user.

  3. Confirm the Action

    • A confirmation prompt will appear.
    • Review the details and click "Confirm" or "Delete".

Using Administrative Tokens (API Actions)

  • When performing administrative actions through the API, include the administrative token in your requests for authentication.

  • Example of adding a user via API:

mutation {
  createUser(username: "newuser", password: "password123", isAdmin: false) {
    id
    username
  }
}

Security Best Practices

  • Regular Audits

    • Periodically review user accounts and permissions to ensure they are up-to-date.

  • Strong Password Policies

    • Enforce password complexity and expiration policies to enhance security.

  • Limit Administrative Access

    • Only grant administrative privileges to trusted individuals who require them.

Troubleshooting

  • Unable to Create or Edit Users

    • Ensure you are logged in as an administrator.
    • Check for error messages indicating permission issues or system errors.

  • User Not Receiving Notifications

    • Verify the user's email address.
    • Ensure the system's email configuration is set up correctly.
No Comments
Back to top