Questions and Tips to consider when setting up a new user in Aware.
Adding a New User
Adding a new Aware User is a quick and simple task, it should only require administrative permissions and five minutes of your time. With Role-Based Access Controls (RBAC) each new user will need to be assigned to a Role. The Role is associated with a Data Access Set and this helps limit each users visibility and permissions within the Aware Applications and collaboration data.
Questions to consider when creating a new user:
- What Aware Applications will they have access to?
- What Role/s will this user be assigned to? Will your internal departments help identify the user's Role?
- Have you established Roles and Data Access Sets? These will need to be established before adding any users.
- Will you need to set up SSO?
- Will users need access to pre existing Signal Policies or Search Results? If so, read below for best practices on granting access.
Tips to Remember:
- Ensure the user creation workflow is completed before assigning any Roles. The user will not be created if you try to assign the role during the initial process.
- Aware Users can have multiple Roles
-
For current customers, if you want to add new users to view certain Signal Policies or Search Results that were created prior to RBAC migration you would need to do one of three steps:
-
Change the Data Access Set associated with the Signal Policies/Searches
-
Create a role, attach it to the Data Access Set associated with the Signal Policy/Search, and add the user to that role.
-
Assign the associated migrated Data Access Set to the Signal/Search & Discover Admin Role
-
Adding a New SSO User
Adding a new user that will use Single Sign On (SSO) is an easy process that can be handled entirely by your Aware Administrator and Identity Provider Administrator.
Tips to Remember:
- When setting up a new SSO User, we recommend you wait to assign Roles until AFTER they have signed into Aware with their SSO credentials. Assigning Roles before could result in in permissions being removed upon first user log in.