Everyone who needs to log in to AuthAnvil Password Server requires a User. Each username is unique as it is tied to a specific email address. This email will be used for logging in as well as for user notifications (i.e. password expiry, requesting access, permission approval).
Adding new users is done from the Users tab. Just hover over the actions menu and click Add User.
- In the “General Information” panel, fill in the user’s personal data, account status, and set their permissions.The available permissions are:
- Requires two-factor authentication to login: The user does not use a password, instead using AuthAnvil Two-Factor Auth to log in.
- Allowed to maintain a Private Vault: The user is allowed to maintain a private vault, where they can keep private passwords. See the section on Private Vaults later in this document for more details.
- Allowed to create Shared Vaults: The user is allowed to create and manage new shared vaults. This permission implies the “Allowed to own Shared Vaults” permission.
- Allowed to own Vaults and create Personal Vaults: The user is allowed to be assigned the “owner” permission for shared vaults so that they can manage them. They are also able to manage their own Personal Vaults. See the section on vault types later in this document for more details.
- Organization Administrator: The user is an organization administrator, allowed to manage users, settings, and sync agents, and run reports. If the administrator is also assigned the “Allowed to own Shared Vaults” permission, they can seize control of shared vaults.
- If the user is set to require Two-Factor Auth, the SAS URL and Site ID for their AuthAnvil Two Factor Auth Server can be set on the “AuthAnvil Two Factor Auth Settings” panel. Here, you can also set the user to use the organization’s Two Factor Auth settings, as configured on the Settings tab.
- On the “Roles” tab, the user can be assigned to one or more Roles, which will control which Scopes they can see. Note: A user must be assigned to at least one Role.
- Finally, click “Save Changes” to create the user.
Managing existing users is done from the Users tab. Just click on the username of the user that you would like to manage.
When managing a standard user, you can change the following things:
- General Information Tab: Email Address, Display Name, Password (if enabled) user permissions, and whether the user is enabled or disabled.
- AuthAnvil Two-Factor Auth Settings: SAS URL and Site ID or Use Organization Settings
- Scopes: Which Scopes the user is assigned to.
- Actions menu: Delete the user.
When finished, click “Save Changes” to save changes, or “Cancel” to cancel them.