Users, Roles and Permissions

Users in ARM

Super Administrator

The Super Administrator (or Super Admin) is the person who has the highest permissions of all the admins. This role can create other admins, assign or remove permissions, and perform all other admin activities. Deciding who and how many users you assign as super admin users requires significant consideration because they have the highest level of access and can make changes that affect the entire network.

Super admin permissions are required for the following:

1. Creating other admins
2. Installing and configuring agents
3. Adding users to admin groups

Org Administrators

Org Administrators (or Admins) are users with permission to access the ARM administration dashboard. The Admin can assign multiple roles to an individual admin if their job requires them to perform actions spanning multiple roles. You can share the responsibility of managing your ARM account by assigning administrator roles to other users. 

As an administrator for your organization, you can see a list of all the roles and privileges assigned to your users. This information can help you quickly determine a user's level of access to your organization's account.

General Users

General users have access to the ARM application based on the permission assigned by their Org Administrator. They are not allowed to access the Administration dashboard.

Create a New User Account

To create a new user account:

1. Log in to your ARM account. 
2. Hover your mouse over the Admin tab and click on the Users.
3. Click the Add User button.
   
4. Fill in the User Details and configure the Role Permissions.
5. Click Save & Activate to activate the users or Save Now & Activate Later to save the user details. They can be activated later from this page.
   
6. Your colleague will receive an email inviting them to set their password and log in.
7. Newly created users are updated in the Users tab under the Admin module.

Edit a User Account

After you’ve created a user, you can change most of their information and permissions. While you can't edit the Username and Email associated with a user, you can change the remaining fields. 

1. Log in to your ARM account. 
2. Go to the Users tab. Locate the user to whom you would like to make changes.
3. Click on the Edit icon.
   
4. Make any desired changes and click on Save.

Delete or Suspend a User's Account

If you have user management permissions, you can suspend or delete users. Suspended users can be reactivated; deleted users are permanently removed. 

1. Sign in using an administrator account.
2. Navigate to Admin > Users tab. Locate and select the user you'd like to make changes to.
3. Click on Delete User to delete the user account permanently.
   
4. You can temporarily block users' access to your organization's services by suspending their accounts. Select the user and click on Activate/De-activate button.
   
5. Click OK to confirm your selection.

Enforce single sign-on (SSO)

You can enable an option to enforce SSO for members of your team. This will make it mandatory for all team members to log in via SSO.

To enforce SSO, you need to enable the SSO login configuration. Go to the My Account page, and under the SSO Configuration, select the Disable login with AutoRABIT credentials checkbox. Click Save. Your team members will now be forced to log in via SSO only. Even if SSO is enforced, you, as an org administrator, can log in using either standard authentication (username/password) or SSO.

How to override single sign-on (SSO)?

If you, an org admin, want to override the SSO configuration for an individual team member or group of users, you uncheck the Enforce SSO boxes after selecting the team members from the list.

Note: When the Disable login with AutoRABIT credentials option is selected, the Enforce SSO checkboxes are automatically checked for all users.

Export Users

If you have Admin permissions, you can export a CSV file of all the users currently in your account. The CSV export will contain the following user information:

To export all user's details in CSV:

1. On the Users screen, in the upper right, click Export All Users.
   
2. The fields you can export will be displayed on the next screen. Click the Export button after choosing the fields you want to export as CSV.
   Fields like First Name, Last Name, Status, Email, and Login Name are automatically selected by default when a CSV file is exported. If necessary, you can exclude them from being exported.
3. Your export will begin processing, and the CSV file will be downloaded on your local machine.

Creating and Editing Roles

You must assign at least one role to each user, with specific permissions granted to each role. If a user has multiple roles, the role with the most significant permissions trumps any others assigned. 

1. Hover your mouse over the Admin tab and click the Roles option.
   
2. Click on the Create Role button.
   
3. On the next screen, enter a Role Name and Description for the role. On the Permissions tab, select the checkboxes to assign the roles you want users to have.
   
4. Click Save.

User Permission

This section summarizes the permissions assigned to the user. It allows them to view the type of access and actions they can perform in ARM. For example, users with the View Setup and Configuration permission can view Setup pages, and users with the API Enabled permission can access any Salesforce API.

To assign users to a role and permission, use the following steps:

1. From the ARM home page, click and go to the Permissions tab.
   
2. Select at least two users you like to assign permissions from the user's list view.
3. Click on Bulk Assignment.
   
   Important Note:

   The user(s) with the Admin role is not displayed on the Permission page.
4. On the next screen, select the roles to be assigned and select the module(s) you would like to add to these users.
5. Click Save.
6. You can click the user's name to open the user's record in detail view from the User Permission page.