Overview
The Users module provides comprehensive user management capabilities for both your internal team and client users. Control access, manage permissions, and track user activities across the platform.Key Features
User Management
Create and manage user accounts across organizations
Role-Based Access
Define roles and permissions for secure access control
Activity Tracking
Monitor user activities and system access
Multi-Factor Auth
Enhanced security with 2FA and SSO options
User Types
Internal Users
Your MSP team members who manage the platform:- Administrators
- Technicians
- Service desk agents
- Account managers
Client Users
Client organization members with portal access:- IT administrators
- Department heads
- End users
- Executives
User Management
Creating Users
1
Basic Information
- First and last name
- Email address (used for login)
- Phone numbers
- Job title and department
2
Access Configuration
- Assign user role
- Set company association
- Configure permissions
- Enable/disable features
3
Security Setup
- Set temporary password
- Configure 2FA requirements
- IP restrictions (optional)
- Session timeout settings
Role Management
Default Roles
- Full system access
- User management
- System configuration
- All company access
Custom Roles
Create custom roles with specific permissions:- Module access control
- Feature-level permissions
- Data access restrictions
- Action limitations
Permission System
Permission Categories
Module Access
Control which modules users can access
Data Permissions
Define what data users can view/edit
Action Permissions
Specify allowed actions (create, edit, delete)
Report Access
Control report generation and viewing
Permission Inheritance
- Company-level defaults
- Role-based permissions
- User-specific overrides
- Department-based access
Security Features
Authentication Methods
- Email/Password: Traditional authentication
- Single Sign-On (SSO): Integration with identity providers
- Multi-Factor Authentication: SMS, TOTP, or email codes
- Biometric: Fingerprint or face recognition (mobile)
Password Policies
Configurable requirements:- Minimum length
- Complexity requirements
- Expiration periods
- History restrictions
- Failed attempt lockouts
Session Management
- Configurable timeout periods
- Concurrent session limits
- Device tracking
- Remote session termination
User Profiles
Profile Information
- Personal details
- Contact information
- Notification preferences
- Language and timezone
- Avatar and customization
Skills & Certifications
Track technician capabilities:- Technical skills
- Certifications
- Specializations
- Training history
Activity Monitoring
Audit Logs
Track all user actions:- Login/logout events
- Configuration changes
- Data access
- Permission changes
Activity Reports
User Onboarding
Automated Workflows
1
Welcome Email
Automated welcome message with login instructions
2
Initial Setup
Guided setup wizard for new users
3
Training Resources
Access to documentation and tutorials
4
Verification
Account verification and security setup
Bulk Operations
Import/Export
- CSV import for bulk user creation
- Active Directory synchronization
- LDAP integration
- Export user lists
Batch Actions
- Mass password resets
- Bulk role assignments
- Group notifications
- Access revocation
Notifications
User Notifications
Configurable alerts for:- Account changes
- Security events
- System announcements
- Task assignments
Admin Notifications
Alerts for administrators:- Failed login attempts
- Permission escalations
- Unusual activity patterns
- License limits
Best Practices
Regular Audits
Regular Audits
Perform quarterly user access reviews to ensure appropriate permissions
Least Privilege
Least Privilege
Grant users only the minimum permissions required for their role
Strong Authentication
Strong Authentication
Enforce MFA for all administrative accounts
Deprovisioning
Deprovisioning
Immediately disable accounts when users leave the organization
Integration
Directory Services
- Active Directory
- Azure AD
- Google Workspace
- LDAP
Identity Providers
- Okta
- Auth0
- OneLogin
- Custom SAML
Troubleshooting
Common issues and solutions:
- Login failures: Check password, account status, and IP restrictions
- Missing permissions: Verify role assignments and inheritance
- SSO problems: Validate IdP configuration and certificates