Access Management Tab

About this tab

The Access Management tab is designed for organization’s admin users, that are the OCP® users who have been granted elevated permissions to manage authentication tokens, user groups and roles for their organization. This tab allows organization admins to streamline and control access, ensuring that only authorized users can perform specific actions.

To better understand what an Organization is and the responsibilities of its admin user in OCP infrastructure, read the Organizations, Groups, and Roles article.

Under this tab, as an organization’s admin user, you can:

• Create and revoke personal tokens

• View and create groups for your organization

• Add and remove users from your organzation’s groups

• View and create roles within your organization

• Assign roles to user within your organization

• View the list of users assigned to your organization

• Deactivate users within your organization

Below you can find more details about each of the sub-tabs.

Personal Tokens

A personal token is a string of characters that you can use for authentication when accessing OCP® Console instead of the usual credentials. Personal tokens provide a secure and less cumbersome alternative to traditional login credentials.

Under the Personal Tokens tab, you can create and revoke personal tokens.

Create a personal token

To create a personal token, proceed as follows:

1. Click + Create Token. The following dialog box opens.

2. Fill in the fields

• Name: Enter the name for your personal token’s name.

• Group: Select a group from the drop-down list. If the list is extensive, start typing the group’s name to narrow down the options.

• Expires at: Defines the expiration date of the token. By default, the toggle is switched off. If the toggle is switched on, the token will expire on the selected day.

3. Click Create. The token will be created, and the following dialog box will open:

4. Copy and save your token!

It is important to copy and save your token aside, otherwise you will not be able to see it again!

5. Click Close when finished. The created tokens are listed as shown below:

Revoke a personal token

When a personal token expires, its status is changed to Revoked. You can also revoke your token manually. To revoke a token, click the Menu button → Revoke.

You cannot delete a personal token.

Groups

Under the Groups tab, you are able to view a list of all the groups associated with your organization, as well as have the ability to create new groups.

If the list of groups within your oranization is extensive, you can use the Search field for convenience.

Create group

To create a group in your organization, proceed as follows:

1. Click + Create Group. The dialog box opens.

2. Fill in the fields as described below:

• Group Name: Your personal token’s name.

• Description: Optional description for your group.

3. Click Add. The created group will appear in the list of groups.

Add users to group

Once you have created a group, you can add users to this group. To add a user to a group, follow the steps below:

1. Select a group from the available groups list. You will be directed to the page showing the users associated with the selected group.

2. Click + Add Users.

3. In the opened pop-up window, fill in the fields as described below:

• Users: Enter the user's email address. If the email is valid, it will be displayed in a drop-down menu. Finalize your selection by clicking on the email. You can add multiple users' emails at a time.

• User Role: Identify the type of user role applicable to this group.

4. Click Add when finished. The newly added users will appear within the list of the group's members.

Remove a user from a group

You have the ability to remove users from any group of your organization. To delete a user from a group, follow the steps below:

1. Select a group from the available groups list. You will be directed to a page showing the users associated with the chosen group.

2. Click on the Options Menu icon → Remove.

3. A pop-up window will appear. Confirm the removal by clicking Delete.

The selected user will be deleted from the group.

Change a user’s role

You have the ability to change the role of any user from your organzition’s groups. To change a user’s role, follow the steps below:

1. Select a group from the available groups list. You will be directed to a page showing the users associated with the chosen group.

2. Click on the Options Menu icon → Change role.

3. A list of available roles will appear.

4. A notification will appear in the top right, confirming the successful update of the user’s role within the group.

Roles

Within the Roles tab, you can see the list of existing roles for your organization, including predefined ones. In addition, a feature to create a new custom role is available in the same tab.

The displayed fields for each role include:

• ID: The unique role ID.

• Role Name: The specific name of the role.

• Created at: The exact date when the role was established.

Create role

To create a role, proceed as follows:

1. Click + Create Role. The following dialog box opens.

2. Enter a friendly name to identify the role.

3. Click Add. The created role will appear in the list of roles.

Users

In the Users tab, you can view a complete list of your organization’s users arranged alphabetically, and their details, such as:

• User Name: The name of the user.

• Email: The email of the user.

• Created at: The date of user account creation.

• Status: The activation status of the user.

To find a specific user in a large list, use the search field to enter the user’s name or email. The search engine quickly filters results even with just a few letters.

To display only admin users, enable the Admin Users toggle as shown below. Note that the search functionality is not applicable when filtering by admin users.

User details

To view the additional details of a user, click on a selected user. The user’s information is split into three sub-tabs:

• Profile

• Attributes

• Groups

Profile

In the Profile sub-tab, you will see the general information about the user, such as user’s name, phone number, email address, the user creation date and the date of the user’s last login.

Attributes

In the Attributes sub-tab, the following user information is available:

• Account status: The status of the user activation profile: Activated or Deactivated. To change the account status, click the Options menu button → Activate User or Deactivate User respectively.

• Email Verification Status: The status of the user’s email verification: Verified or Unverified.

• User Verification Status: The status of the user’s verification: Verified or Unverified.

• User Has Trial: If the user is using the trial license: Yes or No.

Groups

The Groups sub-tab displays the groups to which the user is assigned.

• Group: Indicates the list of user's associated groups.

• Role: Shows the user's role within the corresponding group. You can read more about Roles mapping.

If the list of groups is extensive, you can utilize the search filter to locate the required group.

To navigate back to the user list, click the Arrow icon located next to the user's name.

Deactivate a user

You have the ability to deactivate users within your organization. Once deactivated, these users are removed from the organization and will be unable to log in to OCP®.

You will not be able to fully deactivate a user that maintains membership in more than one organization. In this case, you can only remove such users from your organization. They will, however, retain their ability to log into OCP®.

To deactivate a user, follow these steps below:

1. Click the Context menu next to the user and select Deactivate.

2. In the pop-up window, click Deactivate to confirm the action.