Applies to: Kyvos Enterprise Kyvos Cloud (SaaS on AWS) Kyvos AWS Marketplace
Kyvos Azure Marketplace Kyvos GCP Marketplace Kyvos Single Node Installation (Kyvos SNI)
Users are all of the people who use or log in to Kyvos. The roles and groups they belong to control the access they have to files and data.
Managing user accounts
The following tasks describe how to create accounts, add a user to a group, define custom privileges, and unlock a locked user account. You can also import accounts from LDAP. The steps for editing, renaming, and deleting accounts are the same as those for Common actions. However, certain default accounts such as the Kyvos administrator account cannot be deleted.
Creating a user account
To create a user account, perform the following steps.
From the Toolbox, select Setup, then Users.
Or from Quick Links, select Setup users and groups.Click the + sign to add a new user.
On the displayed Users page, provide a User Name.
Enter the user's email address.
Select User Auth Type from the list, such as Native or LDAP.
Note
If you select the Native option from the list, the Autogenerate Password checkbox is displayed, and the Password and Confirm Password fields get disabled. Selecting the Autogenerate Password option automatically generates a password for the user. Once the user is created, an email is sent to the user, including a temporary password, which is used to log in to Kyvos. Upon logging in, the user is redirected to the Change Password page to change the temporary password.
Enter and confirm the password. See Password guidelines to learn guidelines.
Select a Role from the list. See Roles.
You can view the effective privileges for this user.Expand and collapse the details or click Expand All.
Hover the cursor over a privilege to view a brief description.
Click Close when you are finished.
Optionally, do any of the following:
Change the user authentication type. Depending on your installation, there may be choices besides the Native and LDAP.
Add a description for the user.
Add this user to a group. Select the groups to which this user should be added and drag them to Selected Groups.
Type the name in the search box to quickly find a group. See Groups.
Use the Set custom attributes link to define specific privileges for the users. Provide the attributes as key-value pairs.
For example, if you have enabled user impersonation on the Snowflake connection, use the fields here to specify the Snowflake Role to be assigned to the user. The user will have access to only those features, functions, and data that are allowed in the Snowflake role specified here.Use the Plus and Minus icons to add or delete attributes.
Click Apply.
Click Save to save your changes and create the user.
If you click a different user, you will be prompted to save your changes.
If the user is a member of a group that provides a higher access role than what they are assigned to in this dialog box, their effective role and the group that assigned it are listed when you edit the user.
Note
Groups imported from LDAP show up in the list of available groups but you can’t add newly created users to those groups. Those groups are shown but dimmed and unavailable for selection.
Deleting a user account
You can delete native users and LDAP users created through the Kyvos Web Portal. However, once the LDAP is synced and the user created from the Kyvos web portal is updated in the active directory, you cannot delete the user.
To delete a user account, perform the following steps.
From the Toolbox, select Setup, then Users.
Or from Quick Links, select Setup users and groups.Search and right-click the user that you want to delete.
Select the Delete option.
On the confirmation box, click the Delete button.
Locked accounts
If a user gets locked out of their account, you can unlock it.
To unlock a locked user account, perform the following steps.
From the Toolbox, select Setup, then Users.
Search for the user by entering a name in the Search box or scrolling down and selecting the user.
If the account is locked, you will see a banner that includes a link you can click to unlock the account.
Click OK to confirm.