Skip to main content
Version: 7.1

Users

The Users view shows a list of users by name, login name and assigned project. From this view, administrators can remove users, assign them to one or more projects, and grant them permissions.

Adding users

Before a user can sign in to ASM, the user must be created and mapped to a role in the authentication module (see Appendix: Managing users in Keycloak).

The new user can then log in to the system using the username and password provided to them by the system administrator.

Note: A user has to log in at least once before that user can be assigned to a project.

Users view

The user record in ASM is created automatically when the user signs in. The administrator is then able to assign this user to the desired project(s) with the needed permissions.

Assigning users to projects

Selecting a user in the list of users opens the editor and permits the administrator to change the user's project assignment and permissions. Clicking Apply closes the editor and applies the changes to the user selected.

Once in the list, the user can log in and see the assigned projects. In case a user has administrative permission but no user permission, only the Administration view will become available. Clicking Apply closes the editor and adds the name and assigned project information in the list in the Users window.

Selecting the check box to the left of the user name activates the Remove button and allows an administrator to remove the user from a project.

Note: If a user is removed from a project during an active session, the session will be interrupted and the user will not be able to complete the intended actions.

User permissions in a project

Once access to the Axiomatics Services Manager has been gained, the user will either have unrestricted access to all data within the project or be limited to read-only access.

The level of permission is assigned by the project administrator when the user is added as a member to the project. Unrestricted access is referred to as All and limited access as Read-only. A user can be assigned to a project in the Project setup view as well.

Changes in project assignment, name, or level of permission

When a user is unassigned from a project while working in the project, the user will see the following message on the very next action:

Clicking OK will automatically log out the user. On logging back in, the message will appear saying that the user has not been assigned to a project.

When the project name is changed, a project member working in the project will be unaware of the change. However, a change in the project name does not affect membership in the project.

When the level of permission assigned to a member of a project changes from All to Read-only while the user is working in the project, the user can continue to work with All privileges. However, after logging out and logging in again, the user will find that the read-only permission has taken effect and the user will be unable to modify the project as before.

Deleting a user in ASM

The process of deleting a user must be carried out both in ASM and in Keycloak.

  1. Delete the user in Keycloak. (See Appendix: Managing users in Keycloak for more information.)
  2. Remove the user assignment from the project(s) in ASM. (Not mandatory, but strongly recommended.)
  3. Remove the user from the Users list in ASM. (Not mandatory, but strongly recommended.)

Note: If steps 2 and 3 are not carried out, the user will be "Active" forever in the internal ASM database, which means the user will be visible in the “Users” and “Project setup” views. If a user is logged in when the user record is deleted in Keycloak, the user is immediately barred from executing any action in ASM.