User Management - User Guide

User Management

Introduction

User Management component includes the functionality that facilitates managing user account and user roles. The key functionalities of this component include:

  • Add, modify or remove user accounts
  • Add, modify or remove user roles
  • Add, modify or remove external user stores
User Manager User Interface Figure: User Manager User Interface.

Manage User Accounts

User Management User Interface

Figure: User Management User Interface.

You may add new user accounts, modify existing accounts or delete existing account with this user interface.

To add a user, you must provide the user name and the password.

You can modify the user account and change the password for a user. You cannot change the user name of an existing user.

You may also delete the existing users that you added. Note: You cannot delete the admin user account from the system.

Manage User Roles

Role Management User Interface

Figure: Roles Management User Interface.

You can add new user roles, modify existing roles or delete existing roles with this user interface.

To add a new role, you must provide the role name. You can optionally select the set of users that belongs to that role. You may also select the system permissions for the new role, in the second step of add new role wizard.

You can modify the user roles and add/remove users to the role or add/remove system permissions for the role.

You may also delete the existing roles that you added. Note: You cannot delete the admin role from the system.

Manage External User Stores

External User Sotre User Interface

Figure: External User Sotre User Interface.

You can plug in an external user store and use the existing users and roles you have already configured in third party user stores. User manager supports following forms of external user stores.

  • Lightweight Directory Access Protocol (LDAP) based user sores
  • Active Directory (AD) based user stores
  • Custom relational database based user stores
With LDAP and AD, you can use the existing authentication systems to control access to WSO2 Carbon platform. You can also use your own custom database, designed to suite your needs, to manage users and roles, and plug it in to the WSO2 Carbon platform. Note: WSO2 Carbon does not support more than one external user store to be plugged in parallel. However, you can have both the internal user store and an external user store configured, and the Carbon platform would use both of them when authenticating and authorizing users.