Users¶

As an app administrator either at the app store and at the application level, learn how to add and modify user.

Overview¶

On this page, you have the users in rows and the small-apps of your instance as columns.

At the intersection, a pictogram indicates what types of access has been granted.

More than giving you an overview of your users’ access, from this interface you can also:

search the users: just start typing the user’s email
see the number of users
download the users list
sort your users
hover on the user name to get its creation date and who created it
get a reminder of what the pictograms mean

user interface

Create users¶

You can create users from the Add user button at the top right side of your screen.

user-create

Create/edit a single user¶

Options¶

Username : the user name MUST be a valid email address.
Password :
- Password generation by email : The user will receive an email to generate its password
- Single Sign-On : Thanks to the OAuth provider setup in the instance_settings.cson, the user will be able to reuse existing SSO credentials to login to Toucan Toco.
- Manually set password : Choose a temporary password, as soon as you choose to send a password generation email to your user, you won’t be able to modify it.
User-group(s) : (Optional) assign one or multiple groups to your user.
Set an expiration date for this account : (Optional) allows you to create a user for a limited period of time. Great for demos or prospect materials.

Assign privileges¶

Once you have created your user, click on continue to assign rights to one or multiple apps:

user rights

Here are the privileges explanation (in increasing order of rights perimeter):

No access: the user cannot access the right
Viewer: the user can access the app in production only, and user collaborative features, but cannot access the studio
Validator: the user can access the studio to validate the app before any release to production. The user cannot create or update the app by himself
Contributor: the user can access the studio to edit the app.
- Data Storyteller: The user can access the studio but he can only creates stories, edit color theme and create engagement with Notifictations customization. He cannot add any data to the application (need a feature flag activation).
- Data Master: The user can access the studio but he can only connect, prepare and apply permissions on data in the app. He cannot create stories/tiles nor affect the front of the application (need a feature flag activation).
- Business Specialist: The user cannot access the studio but he’s able to add/edit a commentary on a chart directly depending of the value of a requester (report or date at the moment). This can only be done on production (need a feature flag activation).

Tip

💡 Those 2 new sub-roles are in Beta right now! If you need that, talk about it with your Customer Success or your Account Executive in order to enable it.

App Owner: the user can share the app and manage the app users (add new users, edit or remove them). See the dedicated App Owner privilege below for more details.

If your user is added to a group using group privileges, this step will be skipped. User will inherit privileges setup at the group level.

Notifications settings¶

Choose how you want to notify your new user of its access :

No email : the user won’t receive any welcome email to the platform. The user will only receive its password generation email if specified at creation
Platform email : the user will receive one global email listing all the app access granted
Applications emails : the user will receive an email for each application access has been granted to

Edit users¶

You can edit a user’s privileges directly from the interface by clicking on the user privilege icon in a given app column.

user edit rights

If your user belongs to a group with privileges, you won’t be able to edit the user access. You’ll have to remove the user from the group to do so.

You can edit a user’s information by selecting a user from the list to activate the edition menu at the bottom right of your screen.

user edit

Create/edit multiple users¶

Note

This is what we call bulk creation 👥

Bulk creation/edition template¶

To create multiple users, you need to drop a csv file that contains specific information.

user bulk create

A template file is available for download. This file contains all the required columns you need to fill:

username : the user name MUST be a valid email address
admin : Type in true to give admin access to a specific user
provider : (Optional) the name of the sso provider (leave empty if the user logs in via username/password)
user-group : (Optional) type in the name of the group, leave it empty if you don’t want to assign any group to your user(s). There are by default 3 user-group column, but you can add more 😃 just make sure to update the number after user-group
All existing app on your store will have a dedicated column (small-app lovely-name), you just need to fill what type of privilege each user will have for each app:
- view for a Viewer
- validate for a Validator
- contribute for a Contributor
- contribute-data for a Data Master (need a feature flag activation)
- contribute-design for a Data Storyteller (need a feature flag activation)
- business-specialist for a Business Specialist (need a feature flag activation)
- own for an App Owner

Note

If you want to delete some users with a bulk upload, then add a delete columns and fill it with true or false

Once you’re done filling-up the template, you just have to drop it in the tile 🎉

user bulk validate

Send email invitation to new users : with this option activated, users will receive an email to inform him/her of his/her access to the Toucan Toco application and will be invited to create his/her own password.

File example (bulk creation):

username	admin	user-group 0	small-app finance	small-app marketing
test@tou cantoco. com	true
test2@to ucantoco .com		Manager	view
test3@to ucantoco .com			view	contribute

test@toucantoco.com will be admin
test2@toucantoco.com will be assigned to the Manager group and have a view access to the Finance app
test3@toucantoco.com will have a view access to the Finance app and contributor access to the Marketing app

Edit multiple users¶

You can edit multiple user’s privileges by selecting the users from the list to activate the edition menu at the bottom right of your screen.

user bulk edit rights

App Owner privilege¶

The App Owner privilege allows to:

benefit from administration rights at the app-level only (and not on the whole platform as opposed to the Admin privilege)
share the application to the world!

Please find below an explanation of those two use cases.

Delegate administration¶

As a platform Admin, you may need to delegate some of your rights at the app level, so that you avoid becoming overwhelmed by administration requests. You need to grant users management rights to other people in your organisation, but only for specific app, preventing your App Owners to access all the apps and users of the platform.

As an App Owner, you need to be autnomous in the way you give access to your app in your organisation.

That’s exactly why the App Owner privilege exists! As an App Owner, you have access to a user management interface right from your app home.

app access button

From there, you can easily add, remove or edit users privileges on your app.

app owner users management interface

Import things to notice:

As an App Owner, you can view and edit the privilege of other App Owners
When an App Owner adds a new user on his app, then:
eitheir the user is already registered on the platform, in such a case the user privilege for this app is updated and he receives a welcome email to notify him he has access to a new app on the platform;
or the user is not registered yet on the platform, in such a case the user receives a password email in order to register to the platform, and a new license will be consumed
When an App Owner removes a user’s access to the app, the user’s privilege is updated (“no access”), but the user is not deleted from the platform (only a platform Admin can remove completely a user from a platform)