Administrators can manage users by logging in to auth service.
To add a user credential record to auth server the administrators will need to use auth service-user management tab:
This tab is only visible to global admins and allow them to add, delete and modify all users.
1.Add a new user:
A user can be added in two ways:
|From auth service directly using add user tab
a.Adding user from auth service just needs the text fields to be fillets. Email is optional while all other fields are necessary.
b. User can be created in third party application:
The administrator will need to set up an account in third party software.
2. Deleting a user:
Any user can be deleted from the user management tab. After clicking on delete user button the dialog box is displayed, and the user is deleted according to response.
3. Resetting password:
If a user forgets his password a global admin can reset the password using reset password option. You only need to reenter the passwords in both these fields.
4. Changing roles:
There are only two roles in auth service. Global admin and user. Only a global admin can see the user management screen and change roles.
Log in Shop floor viewer:
Once a user credentials are added to auth server the user can simply login to SFV using username password.
This screen starts the shop floor viewer app itself. While the next image let user authenticate and login to application.
If the user is logged in successfully, they can use the application as normal. The cookie will be updated to browser cache and the user will not need to login again on all applications.
Provisioning a user on Shop Floor Viewer:
Once user is created the administrator can login to SFV and assign the users a role if needed. If a user has no role assigned, they will be defaulted to an operator on a successful login.
These settings are in environment settings file and can be used to change the default role from operator to some other role:
If the autoProvisionUser is set to true, the user will automatically be assigned operator role. If it is set to false, we need to define a role at autoProvisionUserRolesetting. You will need to contact a Proplanner representative to make these changes.
Login to SSO Assembly planner
Assembly planner use the same two step login just like SFV. The first screen starts the app and second screen authenticates the user. Once successfully logged in the users can use the application as normal.
Advantages of using SSO:
a)Reduces password fatigue:
Once the user is successfully logged in and cookies are updated, they can access all the applications. The user won’t need to enter username and password multiple times.
b)Simplifies username and password management:
The administrators will need to setup a user record only once in auth service and then user can be automatically provisioned in all applications.
c)Third party login:
Customers can use their own third party SSO accounts.
d)Less timeout issues:
Ideally the cookie is verified automatically before timeouts. Thus, keeping user logged in the application unless manfully logged out.