Introduction

You can create one of the following types of users in your organization.

  • Partner scope - A Partner is a managed service provider who provides services to multiple clients.
  • Client scope - A Client represents an IT environment that you want to manage as a single unit with its own users.

After creating a user, you can assign the user to act on alerts and grant multiple permission levels to do various actions. If you want to do an action that requires multiple users, you can define a user group and assign users with roles to the group.

Create a user

Prerequisite: You must be an administrator to create a user.

Follow these steps to create a user:

  1. Navigate to All Clients and select a client.

  2. Navigate to Setup > Account. The Account Details page is displayed.

  3. Click the Users and Permissions tile on the Account Details page. The Permission Sets page is displayed.

  4. Click the Users tile.

  5. Click + Add. The Add User page is displayed.

    Add User screen

  6. Select the scope:

    • Client User - User is added to the selected client.
    • Partner - User is added to the partner and can access all clients across the partner.

  7. Account Type: By default, the Account Type is Regular User. Select Business User or Business Essentials User as required.

  8. Enter the user details like User Name, Password, First Name, Last Name, Country, Primary Email, Mobile Number, Time Zone. Fields marked with an asterisk (*) are mandatory.

  9. Enter the mobile number where you want to receive SMS and Voice notifications. The mobile number format should be prefixed with the country code.

  10. User Access: You can grant user access to either the portal, API, or both.

    • Portal: If you select Portal, the user can access the application based on the permissions granted to him/her.

    • API: If you select API, the user can perform operations using the Key pair that is provided by the administrator.
      Note: With only API access, the user cannot log in to OpsRamp.

    • If you select both Portal and API, the user will have access to both API and OpsRamp, based on the permissions.
      Note: If the user is terminated or deactivated, the corresponding key and secrets will be automatically invalidated.

      Access token and Key pair

    • Revoke Key Secrets: Follow these steps to revoke the API key secrets for the user:
      Note: An Administrator with Manage Users and Manage Integration permissions only can perform these actions.

      • Click the user name on the user listing page. From the User Details view page, click the Revoke Key Secrets button.
      • On the confirmation dialog box, click Yes. The API key secrets are revoked.

      You can generate new API key secrets. Click the Generate Key Secrets button. Note: The Generate Key Secrets button appears, only if the key secrets are revoked.

  11. Select Notification Preferences.

  12. Click Assign Roles and assign roles to the user.

  13. Click Save if you want to create a user profile without assigning groups, Otherwise, click Assign Groups.

  14. From Assign Groups, select one of the following to specify group membership for the user:

    • Part of All User Groups
    • Restricted to specific user groups.
    • Part of no User groups

  15. Click Save. The user is created and listed on the Users page.

Set Notification Preferences

The primary email address is the default email used for receiving notifications. You can select to use an alternative email address.

  • Account Information - All account related information is sent to the selected email address. Select Primary Email, Alternate Email, or both.
  • Alert Notification - Alert escalations are sent to the selected email address. Select Primary Email, Alternate Email, or both. You can also opt not to be notified.
  • Report Notification - Report notifications with the report download URL are sent to the selected email address. Select Primary Email, Alternate Email, or both. You can also opt not to be notified.
  • Send notifications for recurring reports as a single digest: Select Yes or No.
  • Export Notification - Batch export failure mail is sent to the selected email address. Select Primary Email, Alternate Email, or both. You can also opt not to be notified.
  • Login Activity Notification - Any Login Activity like successful login, failed login (incorrect password or incorrect MFA token) and successful logout are sent to the selected email address. Select Primary Email, Alternate Email, or both. You can also opt not to be notified.

Update a user password

An Administrator user can update the password of any user. To reset the password of a user, perform the following steps:

  1. Navigate to Setup > Account > Users and Permissions tile > Users.

  2. Search for the user and click the user name.

  3. In the USER DETAILS page, click Edit.

  4. In the User Details tab, do the following:

    • Password - Enter the password
    • Confirm Password - Enter the password again
  5. Click Save.
    If the Administrator user has the Two-Factor Authentication enabled, the authentication window is displayed.
    The Administrator user has to authenticate and proceed to reset the password.
    The password will be reset.

Search for a user

You can use the search option to find a user by the user name.

For searching multiple users who share the same criteria, use the dropdown:

  1. Click the dropdown.

  2. Select users with one of the following states:

    • Active – Users actively using the platform.
    • Deactivated – Currently deactivated users.
    • Locked – Currently locked-out users.
    • Terminated – Users terminated from the platform.
Filter Criteria - Users

Activate a user

Prerequisite: You must be an administrator to activate a user.

Use the Activate option to permit a user access, including reactivating a deactivated user:

  1. Navigate to Setup > Account > Users and Permissions tile > Users.

  2. From the status dropdown, select Deactivated. The list of deactivated users is displayed.

  3. Hover over the row and click the action menu (three dots).

  4. Click Activate.

  5. The user is activated successfully.

Users are deactivated if they do not provide consent to the agreement in 90 days of their account creation. Before deactivating the account of such users, an email notification is sent after 80 days.

Deactivate a user

Prerequisite: You must be an administrator to deactivate a user.

Deactivating a user account means disabling the user account for a specific period of time wherein the user account and related data would be available on the system, but users cannot use the account. The account can be activated later.

Use the Deactivate option to restrict the user access:

  1. Navigate to Setup > Account > Users and Permissions tile > Users.
    By default, all active users are listed on the page.

  2. Search for the user you want to deactivate.

  3. Hover over the row and click the action menu (three dots).

  4. Click Deactivate.

  5. From the Deactivate user popup box, enter the exact name of the user and provide a reason for deactivating the selected user.

  6. Click Deactivate. The user is deactivated.

After deactivating the user, view the deactivated user details using the dropdown:

  1. From the Users page, click the dropdown.
  2. Click Deactivated. All the deactivated users are displayed.

Terminate a user

Prerequisite: You must be an administrator to terminate or remove a user.

Terminating a user account means removing the user account permanently wherein the user account and related data would not be available on the system and the user cannot use the account. The account cannot be activated later.

  1. Navigate to Setup > Account > Users and Permissions tile > Users.

  2. Search for the user you want to terminate.

  3. Hover over the row and click the action menu (three dots).

  4. Click Remove.

  5. From the Confirm removing user popup box, enter the exact name of the user and select any of the masking patterns option to mask the personal information:

    • Fully Masked – Partially masks First Name and Last Name and completely masks other personal information.
    • Partial Masked – Partially masks all personal information.

  6. Enter the reason for termination of the selected user.

  7. Click Remove. The user is removed successfully.

All terminated user Personal Identifiable Information (PII), including first name, last name, email, and phone number, is removed from the database and cannot be restored later.

To view the terminated user details:

  1. From the Users page, click the status dropdown and click Terminated. All the terminated users are displayed.

The Users page displays the terminated user PII in a completely masked or partially masked format and displays the user name as a random unique ID. You can trace back the details of a terminated user using the audit reports. From the generated audit reports, check the Object Name column to map the unique ID and the terminated username.

Unlock a locked user

After three unsuccessful attempts to log in to OpsRamp, the user account is locked.
Contact your Administrator to get the account unlocked.

Follow these steps to unlock a locked user:

Prerequisite: You must be an administrator to unlock a locked user.

  1. Navigate to Setup > Account > Users and Permissions tile > Users.

  2. From the status dropdown, select Locked. A list of all the locked users is displayed. A lock icon indicates that the user is locked.

  3. Hover over the row and click the action menu (three dots).

  4. Click Unlock.

  5. From the Unlock User popup box, provide the reason for unlocking the user.

  6. Click Unlock. The user is unlocked successfully and moved to the active state.

  • Other actions you can perform on a locked user, from the action menu (three dots) are:
    • View
    • Deactivate
    • Terminate

You can view the number of users on the Users and Permissions tile on the ACCOUNT DETAILS page.