Managing users

Users can access different resources in IBM RPA according to their roles. You can organize users assigning them to teams with different roles. There are separate permissions to the user access tools like IBM RPA Control Center, IBM RPA Studio, IBM RPA Vault, or IBM RPA Launcher. Learn more about how to create, view, edit, and delete users in IBM RPA.

About this task

This procedure shows how to create, view, edit, and remove a team. Move forward direct to the specific procedure:

Important: Versions earlier than 21.0.2 of IBM RPA implement a method of managing users based on three basic roles: Super Admins, Admins, and Users. For more information, see Managing users (IBM RPA version 20.12). This content is no longer regularly updated.

Before you begin

The user must have Tenant Administrator role permissions. For more information about roles and permissions, see Planning your environment to manage users.

Procedure for creating user

Starting from IBM RPA on premises version 23.0.8, newly created tenants can use custom identity providers for SSO authentication. If a custom provider has been assigned to the tenant, you can assign it to new user accounts. For more information, see Identity providers.

Creating a user

  1. From the Access menu, click the Users tab.
  2. Click the Create user button.
  3. Select Manually add users.
  4. Click Next.
  5. On the Name field, enter the user name used to log in.
  6. On the Email address field, enter the user's email.
  7. On the Identity provider field, select the identity provider to be used by the user's account for this tenant.
  8. Click Next.
Note:Step 7 does not show up if you are on a tenant created before version 23.0.8 or if the tenant does not have a custom identity provider assigned to it.

Assigning a user to roles

  1. On the Access pane from the Create user window, click Assign roles directly.
  2. Click Next.
  3. Select the roles that you want to assign to the user from the checkbox.
  4. Click Next.
  5. Review the summary from the user details and roles.
  6. Click Create.

You can see the permissions in a granular mode expanding each permission assigned to the roles.

Assigning a user to teams

  1. On the Access pane from the Create user window, click Add to a team.

  2. Click Next.

  3. Select the teams you want to assign to the user from the checkbox.

    If you haven't created any teams yet, click Create a new team button. For more information, see Managing teams.

  4. Click Next.

  5. Review the summary from the user details, teams, and roles.

  6. Click Create.

Procedure for creating multiple users at once

  1. Click the Create user button.
  2. Select Bulk add users.
  3. Click Next.
  4. Click download our .csv template here link to download either one of the bulk user creation file templates.
  5. Follow the template to create users. See Bulk user creation example.
  6. Upload the bulk user spreadsheet.
  7. Click Create.
Note:The server does not send confirmation emails to users created with the Bulk user creation option.

Bulk user creation example

To create multiple users at once, use the downloaded file template. Following is an example table:

name email password
username1 email@example.com password@123
username2 email2@example.com password@1234

Procedure for managing user's roles

Viewing user's roles

  1. Click on the user you want to edit or view the data.
  2. Click the Roles tab.

Adding a new role

  1. On the Roles tab, click Manage roles.
  2. Select the roles you want to assign to the user from the checkbox.
  3. Select the confirmation checkbox.
  4. Click Save.

Removing user's roles

From the Roles tab, click the subtract icon Removing role on the role you want to remove. Your user must have at least one role assigned.

Procedure for managing user's teams

Viewing user's teams

  1. Click the user you want to edit or view the data.
  2. Click the Teams tab.

Adding a new team

  1. On the Teams tab, click Manage teams.
  2. Select the teams you want to assign to the user from the checkbox.
  3. Click Save.

Removing user's teams

  1. On the Teams tab, click Manage teams.
  2. Clear the teams you want to remove from the checkbox.
  3. Click Save.

Procedure for resetting user vault credentials

On the user you want to reset vault credentials, click the vertical ellipsis button ⋮ > Reset Vault Credentials.

Procedure for editing user's details

  1. From the Access menu, click the user you want to edit.
  2. Click the Details tab, click the pencil pencil to edit user's details icon.
  3. Optional: Enter a new user name.
  4. Optional: Select the language preference from the list.
  5. Click Save.

Procedure for managing user's identity provider

  1. Go to the Details tab of the user whose identity provider you want to change.
  2. In the Danger zone section, click Change.
  3. A confirmation prompt shows up, click Confirm.

Local Identity Provider means that the user's account requires username and password to log in instead of SSO (single-sign-on).

Important:
  • Changing from the Local identity provider to Custom identity providers deletes the user's account password and retains the email for single sign-on (SSO).
  • Changing from Custom identity providers to the Local identity provider prompts the user to create a new password for their account through an automatic email sent to the registered email.
  • The Local Identity Provider is the only provider that can access V2 APIs.

Procedure for deactivating an existing user

On the Details tab from the Danger zone section, click Deactivate Then, click Deactivate again.

Important:The deactivated user no longer has access to any feature within IBM RPA. Only users with permission to manage tenants can reactivate this account. See the Checking user permission topic to learn how to check your user permissions.

What to do next

The new user receives an email to confirm the account creation. If the user is using the Local Identity provider, remember to follow the password complexity policy. For more information, see Password complexity policy.