Skip to main content
Skip table of contents

Access Management Tab

About this tab

The Access Management tab allows you to:

  • Create and revoke personal tokens

  • View and create groups for your organziation

  • View and create roles within your organization

  • View the list of users assigned to your organization

  • View policies for your organization

  • View the list of permissions for your organization

Below you can find more details about each of the sub-tabs.

Personal Tokens

Under Personal Tokens, you can create and revoke personal tokens. A personal token is a string of characters that you can use for authentication when accessing OCP® Console instead of the usual credentials.

Create a personal token

To create a personal token, proceed as follows:

  1. Click + Create Token. The dialog box opens.

2. Fill in the required fields.

  • Name: Your personal token’s name.

  • Group: Select a group from the drop-down list.

  • Expires at: The expiration date of the token. By default, the toggle is switched off. If the toggle is switched on, the token will expire on the selected day.

3. Click Create. The token is created, and the following dialog box opens:

4. Copy and save your token!

It is important to copy and save your token aside, otherwise you will not be able to see it again!

5. Click Close when finished.

The created tokens are listed as shown below:

Revoke a personal token

When a personal token expires, its status is changed to Revoked. You can also revoke your token manually. To revoke a token, click the Menu button → Revoke.

You cannot delete a personal token.

Groups

Under the Groups tab, you are able to view a list of all the groups associated with your organization, as well as have the ability to create new groups.

groups_list.png

Create group

To create a group in your organization, proceed as follows:

  1. Click + Create Group. The dialog box opens.

Create_group_dialog.png

  1. Fill in the required fields.

  • Group Name: Your personal token’s name.

  • Description: Optional description for your group.

  1. Click Add. The created group appears on the list of groups.

Add users to group

Once you have created a group, it is possible to include users. Follow the below steps to add a user to a group:

  1. Select a group from the available groups list. You will be directed to a page showing the users associated with the chosen group.

users_in_group_list.png

  1. Click + Add Users.

  2. In the opened pop-up window, fill in the fields as described below:

add_users_to_group.png

  • Users: Input the user's email address. If the email is valid, it will be displayed in a drop-down menu. Finalize your selection by clicking on the email. You can add several users' emails at a time.

  • User Role: Identify the type of user role applicable to this group.

  1. Click Add when finished. The newly added users will appear within the list of the group's members.

Remove a user from a group

You have the ability to remove users from any group of your organization. To delete a user from a group, follow the steps below:

  1. Select a group from the available groups list. You will be directed to a page showing the users associated with the chosen group.

  2. Click on the Context Menu icon and choose the Remove option.

delete_user_from_group.png

  1. A pop-up window will appear. Confirm the removal process by selecting Delete.

remove_user_confirm.png

The selected user will now be successfully deleted from the group.

Change a user’s role

You have the ability to change the role of any user from your organzition’s groups. To change a user’s role, follow the steps below:

  1. Select a group from the available groups list. You will be directed to a page showing the users associated with the chosen group.

  2. Click on the Context Menu icon and choose the Change role option.

change_user_role.png

  1. A drop-down list of available roles will appear. Select the new role you wish to assign to the user.

    Following these steps will successfully update the user's role in the group.

Roles

Within the Roles tab, you can see the list of existing roles for your organization, including predefined ones. In addition, a feature to create a new custom role is available in the same tab.

The displayed fields for each role include:

  • ID: The unique role ID.

  • Role Name: The specific name of the role.

  • Created at: The exact date when the role was established.

create_roles.png

Create role

To create a role, proceed as follows:

  1. Click + Create Role. The dialog box opens.

create_role_dialog.png

  1. Enter a friendly name to identify the role.

  2. Click Add. The created role appears on the list of roles.

Users

In the Users tab, you can view a complete list of your organization’s users and their details, such as:

  • User Name: The name of the user

  • Email: The email of the user

  • Groups: The number of groups the user is assigned to

  • Created at: The date of user account creation

  • Status: The activation status of the user

users.png

Click on a selected user to get more details as shown below:

user_details.png

Deactivate a user

You have the ability to deactivate users within your organization. Once deactivated, these users are removed from the organization and will be unable to log in to OCP®.

You will not be able to fully deactivate a user that maintains membership in more than one organization. In this case, you can only remove such users from your organization. They will, however, retain their ability to log into OCP®.

To deactivate a user, follow these steps below:

  1. Click the Context menu next to the user and select Deactivate.

deactivate_user.png

  1. In the pop-up window, click Deactivate to confirm the action.

deactivate_user_confirm.png

Policies

In the Policies tab, you can view standard and custom policies created for your organization.

A policy is a set of permissions that effectively determine the level of access for users or roles within the organization for a more secure and well-managed working environment. Using policies, you can easily streamline the level of accessibility, controlling tasks such as who can view, edit, or delete certain data.

Create a policy

To create a policy, proceed as follows:

  1. Click the + Create Policy button. The dialog box opens.

  1. Fill in the required fields:

  • Name: Name for the policy.

  • Description: Optional description of the policy for a better understanding of what it does.

  • Service: Click on the drop-down to select the service to which the policy will be applied.

  • Is it public policy: If switched on, the policy will be visible in the public area.

  • Permissions: Select permissions for the policy from the drop-down list. These are the permissions created in the Permissions tab.

You can only select the permissions that belong to the same service as the policy you are creating.

  • Users: Insert a user email to attach a policy to. You can attach a policy to multiple users.

  • Service accounts: Select a service account to attach a policy to. You can attach a policy to multiple service accounts.

  • Roles: Select a role to attach a policy to. You can attach a policy to multiple roles (Developer, Owner, Viewer, Maintainer, Custom role).

For higher-level roles requiring lower-level roles' permissions, these permissions must be explicitly linked to all roles. For instance, if all roles need access to the list of apps, each role must be featured. It is hence beneficial to establish a role-permission mapping in advance.

  1. Click Add. The policy is created.

Permissions

In the Permissions tab, you can view the list of permissions available for your organization. Permissions define what actions can be performed by a user with the given role on certain endpoints for a specific service. These permissions can be applied to your organization’s policies.

permissions_list.png

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close