User management
  • 16 Nov 2022
  • 3 Minutes to read
  • Dark
    Light
  • PDF

User management

  • Dark
    Light
  • PDF

Article summary

User Management

The authentication mechanism in Atomic Scope is Windows Authentication. By default, service account will be added to the system as an administrator. The administrator will have complete access to the Atomic Scope.
Once the application is installed, the Administrator can use this page to add users in the Active Directory to access the Atomic Scope.

image.png

Adding a new user

  • Enter the domain name.

  • Enter the Username or Group name, which must be part of the Windows AD.

  • If you have entered the group name and Enable the switch button. This ensures that all users in this Windows group have access to Atomic Scope.

  • If you want the user to be an administrator, toggle the Is Administrator button.

image.png

Manage user profile

For normal users, you can create a user profile with transaction restrictions. Administrators have full access to the workspace and business processes. This option will not be available to administrators.
After you've added the user, you can grant workspace and business process privileges as required.
Please refer to for the roles.
https://docs.atomicscope.com/docs/user-access-policy

Configuration of Transaction Restriction

You have a large number of global and stage properties in transactions. Normal users should be limited to granular transaction access based on the transaction stage and global properties configured by the administrator.
Refer the article for configuring the properties.
https://docs.atomicscope.com/docs/business-process-configuration
If you have configured the business process at the stage level, you can retrieve the properties from the message content and context at run time.

Rule

• A rule is a virtual container for conditions. A rule can have multiple conditions that can be grouped using logical operators (And & Or). The conditions will be checked in chronological sequence. The overall outcome of the conditions is the result of a rule.
• The value from the Rule Matching option, either All or Any, is used to evaluate a transaction based on the selection made.
o All - all rules in the transaction must be followed.
o Any - at least one rule in the transaction must be met.

create profile.gif

Condition

• A condition will have the following properties: property name, comparison type, value to be compared, and logical operator for grouping if any condition is added after it. Conditions can be easily added and removed by clicking the add and remove icons next to each condition.
• If a property name is similar, it will be difficult to determine which stage it corresponds to. So, in order to avoid misunderstanding, The stage properties of a transaction will be displayed in brackets alongside the stage name.
• The property data type selected determines the comparison type of a condition.
• If a transaction does not have any properties configured, it is not possible to add rules because there are no properties. Using the click here option within the transaction restriction, we can easily navigate to the relevant transaction in a new tab.
• After configuring the properties, use the refresh option to have all of the newly configured properties available for adding rules/conditions.

Orphaned property

• If any configured property is deleted or edited and used in any condition, those conditions are considered orphaned and are not taken into account based on the rule matching selected.
• Orphaned conditions will be highlighted so that they can be easily identified and addressed.

Once the profile has been created based on the rules and conditions. You can map the profile with an unlimited number of users.

Map the user profile

The options in Manage Users make it simple to map users to UAP profiles. Furthermore, UAP profiles for a user can be removed at any time in the future.

image.png

You can also select the custom profile as per the user requirement while mapping the profile to users.

custom profile.png

To map a UAP profile, the user must have at least one role in terms of workspace and business process. Users can be mapped to any previously saved global UAP profiles, or a custom selection can be made for an individual user.

Transactions for normal users will be tracked in accordance with the profile's restrictions. It will be useful to secure sensitive information if it is available in the specific transactions.


Was this article helpful?