Managing Users
Users can be managed from the Internal Directory IDMS, or Kion can integrate with Microsoft Entra ID via LDAP or a SAML 2.0 provider. There is no limit to the number of IDMS's that can be enabled at the same time. Users can also be added to groups for easy management of permissions and access.
For more information about using an IDMS, see Identity Management. For information about adding users, see Add a User and Bulk Add Users.
To view all users click Users > All Users in the left navigation menu. The logged-in user will display a This Is You badge.
Click the user's name to visit their user details page. Clicking the ellipsis menu on the right of a user gives you different options depending on the IDMS you are using. The possible options include:
- View. View the user's details.
- Edit. Edit the user.
- Disable. Disables the user, which means they can no longer log in. Users can be re-enabled at any time by an administrator. For more information, see Disable a User.
- Enable. Enables an already disabled user, allowing them to log in again. For more information, see Enable a User.
- Unlock. Unlock a user's account. This option is available to admins if a user has been locked out due to excessive login failures.
- Delete. Deletes the user. For more information, see Delete a User.
- Reset MFA. Forces the user to register a new MFA token at the next login. This is for situations where the user loses their MFA token. For more information, see Multi-Factor Authentication.
Unlocking a User
Users that have been locked out due to login failures will be displayed with the badge shown below. You can configure the lockout parameters by editing the IDMS settings. An admin can select Unlock in the ellipsis menu to unlock the account.
Viewing User Permissions
The Permissions tab shows a list of permissions that the user has on each item within Kion. This is the best way to see exactly what access a user has throughout the application. For information about managing permissions, see What are Permission Schemes? and What are Permission Roles?
To see which permissions a user has:
- On the Permissions tab, click an item type within the Item Type list. This filters the items displayed in the Item list.
- Click an item within the Item list.
- The permissions the user has for that item is displayed in the Permissions list.
Viewing User Details
Clicking on the name of a user brings up their User Details page. Click through the tabs to see the following information:
Overview Tab. Shows information that was entered when the user was created, such as their name and contact information.
User Groups Tab. Lists all groups that the user is a member of and their role in that group. For more information, see Managing User Groups.
Projects Tab. Displays all projects that the user has permission to access and their role associated with the project. For more information, see Managing User Permissions on a Project.
OUs Tab. Displays all OUs that the user has permission to access and their role associated with the OU. For more information, see Managing User Permissions on an OU.
Funding Sources Tab. Displays all funding sources that the user is associated with and their role associated with the funding source. For more information, see Managing User Permissions on a Funding Source.
Cloud Rules Tab. Displays all cloud rules where the user is the owner.
Cloud Access Roles Tab. Displays all the cloud access roles that allow the user to log into cloud accounts.
Permissions Tab. Shows a list of permissions that the user has on each item within Kion. For more information, see Mapping Users to Permission Roles.
Linked Azure Accounts Tab. Shows a list of all Azure accounts linked to this user. The information includes the Azure username and the Azure tenant. This section is only shown if Azure is enabled as a cloud provider for your organization.