An administrator or a user with privilege to add users can add the following types of users to Paragon Automation:
Local users, where the user is authenticated and authorized by Paragon Automation.
LDAP users, where the user is authenticated in the LDAP server, but authorized by Paragon Automation.
Third-party users, where the user is authenticated by OpenID Connect or Google and authorized by Paragon Automation.
To add a user:
- Click Administration > User Management > User.
The Users page appears.
- Click the Add (+) icon.
The Create User page appears.
- Complete the configuration as described in Table 1.
- Click OK to save the changes.
If you click OK, a confirmation message indicating that the user account is created appears and the user account is listed on the Users page.
After the user is created, if SMTP is configured on the device, the user receives an activation e-mail from Paragon Automation. The e-mail contains the link to activate the user account that was created. By default, the activation link expires within 24 hrs. If the user does not click the activation link and set a password, the account is not activated. To activate the account, you should resend the activation link by clicking More > Resend Activation Link.
Table 1 lists the fields on the Create User page.
Table 1: Fields on the Create User Page
Enter a valid e-mail address in the user@domain format for the username.
Enter the first name of the user as a string of alphanumeric characters and some special characters [underscore (_) and hyphen(-)]; 32 characters maximum.
Enter the last name of the user as a string of alphanumeric characters and some special characters [underscore (_) and period(.)]. 32 characters maximum.
Click the toggle button to enable (default) or disable the user.
A user can log in to Paragon Automation only when you enable the user.
Select the type of authentication service for the user—Local, OpenID Connect
Assign the password for the user.
The password should be between 6 to 20 characters and contain upercase letters, lowercase letters, numbers, and special characters.
Note: This field is displayed if you selected to install Identity Access Management (IAM) without email verification, that is, by setting the skip_email_verification variable to false. This installation is helpful when you do not want to use the SMTP service for sharing the password with the user; for example, in a lab setup.
Assign one or more roles to the user.
To assign roles, select the roles to be assigned in the left column and then click >. The selected roles are moved to the right column.