Users
Settings > Administration > Users
A User is a member of one or more Teams in the platform. A user record contains basic information such as login, password, email, and other descriptive attributes. Within a team, each member is assigned a Role.
The combination of Team and Role assignments control the user's ability to view and access data.
Users that have the Access Control/User Management permission can add new users in the platform
- Learn More: Available Permission Rights
Guidelines
In conjunction with Access Profiles, the combination of Team and Role assignments controls the user's ability to view and access data.
- Users
- Users can be members of multiple Teams
- When users are given access to an application, they are assigned one or more Roles
- Roles
- Roles are defined for applications
- Roles define the types of data users can access and share with other team members
- Default Roles are available in the platform
- Additional roles can be created and the default roles can be modified as needed
- Teams
- Each user must be assigned to a Primary Team.
Add a User
To Add New Users:
- Click Settings > Administration > Users
- Click the [Add User] button
- Edit the information under each section; Note that some fields are required. See this information about selecting a User Name.
- Fill in the information in the sections below
- Click [Save]
(Note that User information can be updated at any time.)
- Basic Information
- First Name
- The first name of the user
- Last Name
- The last name of the user
- Company
- The company where the user is employed
- Title
- The professional title of the user
- Time Zone
- Time Zone, based on Time Zone Codes
- User License Type
- License Type; choose Site User or Platform User
- Reports To
- The person on your team to whom this new user reports to
- Employee Number
- The user's work or sales territory and employee number; if a user supports multiple territories, include each territory, separated by commas
- Login Information
- The email address to use for sending and receiving email through the platform
- Username
- Username is a unique name associated with each User. Username is required to Login, can be an email address or an alphanumeric text string.
- Password
- The default temporary password assigned to the new user, who will be prompted to provide a new password after logging in
- Active
- Makes this User's account active
- Single Sign-On
- If Single Sign-On is enabled, one of the following options is displayed, depending on the configuration:
- Single Sign-On - Delegated Authentication:
- Checkbox
- If checked, Single Sign-on is enabled for this user
- Single Sign-On - SAML
- Either a Federation Id or platform User Id field is displayed.
- If blank, Single Sign-on is disabled for this user
- Enter a value to enable Single Sign-On for this user
- UserId is the Record Identifier of the user that is logged in
- Federated Identity acts as a user's authentication across multiple IT systems or organizations
- Team Membership Information
- Primary Team
- Each user must be assigned to a Primary Team.
- Role in the team
- Select a role from the lookup window
- Address and Contact Information
- Phone
- The user's telephone number, including area code
- Mobile Phone
- The user's mobile phone number, including area code
- Fax
- The user's fax number, including area code
- Street Address
- The user's street address
- City
- The user's city
- State
- The user's state or province
- Postal/Zip Code
- The user's postal or zip code
- Country
- The user's country
- Notify User by Email
- Notifies the user by email of any status changes in their account
When a User is added, the record remains in the database, and the tasks and activities associated with that user are tracked in the Audit log.
For Developers
When using the REST API to Add a User, the password is optional, and not required. Password policies are implicit and are applied automatically when a new user record is created.
- Learn more: Add a User (Record)
Edit Users
To Edit User Information:
- Click Settings > Administration > Users. The default view displays all Active Users. You can select another type of user, if required, from the Views icon.
- Click the [Edit] button next to the name of the user you want to edit.
- Edit the information under each section; Note that some fields are required.
- Click [Save] to save the user information
- Optionally, choose one of the following actions:
Note: The ability to edit users is subject to the Permissions Hierarchy restrictions.
Reset a User Password
- Click > Administration > Access Management > Users
- Click the [Reset Password] button
- Use the Lookup to Select a User
- Click [Save].
The user's password is reset and a temporary password is emailed to the user's email address.
Note:
- The user is required to change the Password and verify the Security Question at Login.
- Users who are recognized via the LDAP Configuration are not included in the list of users whose password can be reset. Such changes must be made in the LDAP directory.
- When session management capability is enabled, all existing user sessions will be logged out when the password is reset or changed.
Customer Support Login
A Service Provider's Customer support often needs to login to a tenant, so they can help with its configuration. The Customer Support Login lets them login as the admin user in the specified tenancy, to do that.
Users that have the Customer Support Login Permission permission can Login by Proxy to a Tenant
To Login by Proxy to a Tenant:
- Open the Tenants object
- Navigate to the Tenant of interest
- In the Quick Links section, click the Customer Support Login link to login as this user
- This Login by Proxy is tracked in the Audit Log, and is visible to the user
- When the investigation is complete, click the Switch Back link to exit the Proxy Login and revert to your last login state
Proxy Login as this User
As an administrator responsible for a number of Users, it is often convenient to diagnose user issues by logging in via proxy. With this login, you gain full access to all actions available to the user. (Each action performed during a Proxy Login is audited and logged.)
Users that have the Proxy Login Access permission can Login as another user to troubleshoot problems that may arise in a user's account
When a Proxy Login is initiated, a dialog box opens to remind the user that a record of these actions will be created. The user can opt to continue or cancel the action.
- To execute a proxy login
- Click > Administration > Access Management > Users
- Select a user
If your role has the capability to do a proxy login, the [Proxy Login] button is visible. - Click the [Proxy Login] button.
A confirmation dialog appears. - Click [OK]
- If this is a first-time login, you may need to answer a Security Question
- The name of the user will appear on the screen, in place of your username
- Perform any necessary troubleshooting activities
Note: You can only login-by-proxy as a member of your team or one of its subteams, as specified by the Permissions Hierarchy restrictions.
- To close a proxy login session
- Click the down arrow next to your name at the top of the window.
- A drop down appears with additional options.
- Learn more: Using the Agent Portal#User Options
- Click the Switch Back link that appears above the Logout option.
- Confirm that your login name appears on the screen, which indicates that you have successfully closed the Proxy Login session.
Manage Proxy Login Permissions
Grant Users the ability to Login as selected Users or a group of users in a Team.
Users that have the Proxy Login Configuration permission can enable Proxy Login for users
To enable the Proxy Login rights:
- Click > Administration > Access Management > Users
- Select the user of interest
- Click the [Proxy Login Permissions] button
- By default, no Users or Teams are displayed
- The Default Proxy Login settings grant this user Proxy Login rights to All Users and Teams
- If Users or Teams are selected, then this user has Proxy Login rights to the selected Users/Teams, only
- Click the [Edit] button to modify the Default Proxy Login settings
- Choose the desired Users or Teams
- Click [Save]
- Considerations
-
- The User/Team relationship is additive, meaning that:
- If a Team is selected, all Users on that team are available for Proxy Login by the selected user
- If individual Users are selected, only those individual Users are available for Proxy Login by the selected user
- If a Team is selected, and individual Users in that team are also selected, then the addition of those users makes no difference (because the Users are already members of the selected Team)
- However, if those Users move to a new Team in the future, then this permission will apply to those Users in their new Team
Deactivate a User
When a user leaves your organization, the best way to manage this kind of change is to Deactivate the user. While it might seem logical to delete the user from your database, consider that the system keeps a history of user interactions (record ownership, activities, tasks, email messages, etc.) If the user were to be deleted, that history would be lost.
Instead, when you deactivate that user, you free a License that can be applied to a new user.
In large organizations, it is a good practice to create a team that will hold deactivated users.
To deactivate a user:
- Remove the user from all but one team - see Remove Team Members
- Deactivate the User
- Click Settings > Administration > Users
- Open the user record, and deselect (uncheck) the Active checkbox. (Verify that the Active checkbox is not checked).
This user is now deactivated, and the License is now free to assign to another user.
Tips
- Deactivating a user will not change your Subscription Plan
- To change the number of licenses in your subscription, modify your Subscription Plan
See also: Customize the Users Object