Documentation

Table of Contents


Other Resources


The Identity Management (IdM) tool contains the Create User function to add new users. As an administrator, you can add new users in the enterprise directory and in the Identity Platform environment.

Prerequisites

  • Data store with service account write privileges to add users
  • A realm for the Create User function with the following tabs configured before setting up the Post Authentication tab: 

Data store limitations

Note the following issues for certain data stores on the Create User page. 

  • Create user with group is not supported (you can still create a user without groups) in Azure AD cloud and Oracle DB
  • Create user is not supported in LDAP


Identity Platform configuration

  1. Go to the Data tab. 
  2. In the Membership Connection Settings section, restrict this realm to to only administrators in the Group Permissions subsection. Set the following configurations.  
    Note: This not required if your organization wants to allow admins to create their own accounts. 

    User Group Check Type Set to Allow Access
    User GroupsEnter the group name to which administrators belong. For example, Admins. 
    Groups FieldThe groups field in the data store directory containing the group information for each user. 

  3. Save your changes. 
  4. Go to the Post Authentication tab.

  5. In the Post Authentication section, set the following. 

    Authenticated User Redirect Set to Create User
    Redirect ToThis field is autopopulated with the post authentication .aspx page. This is appended to the domain name and realm number in the web address bar. For example, Authorized/CreateUser.aspx. 

  6. In the User ID Mapping section, set the type of User ID to assert in the Create User function. This is usually the Authenticated User ID
  7. In the Create User section, set the user field (and its settings) you want to appear on the Create User page. The SecureAuth Field corresponds to the Profile Properties in the Data tab. 
    For most field settings, use the following Display Types, while others are self-explanatory:

    • Hide – Do not show the SecureAuth Field on the Create User page. 
    • Show – Show the SecureAuth Field on the Create User page. You can edit this field. 
    • Required – Show and require edits of the SecureAuth Field on the Create User page. 

  8. Save your changes.


Optional configurations for token or cookie settings and SSO

In the Forms Auth/SSO Token section, you can optionally configure the token or cookie settings, and single-sign on (SSO) for this realm.

To configure token or cookie settings, see Configure token or cookie settings

To configure this realm for SSO, see SecureAuth IdP single sign-on configuration

To configure this realm for Windows Desktop SSO, see Windows desktop SSO configuration

  • No labels