Identity management

The Administrator Application is used to create and manage users and their assigned groups and roles. Users require the ACTIVITI_IDENTITY role to view the identity management section.

The identity management section of the Administrator Application allows users with access to it to undertake common user maintenance tasks without having to access the Identity Service directly.

Roles

The roles section displays the current roles available to choose from and allows them to be deleted or have their descriptions updated. It is also possible to create a new role.

The following roles are available with a default installation:

RoleDescription
ACTIVITI_ADMINProvides access to the Administrator Application. Users with this role will be able to see the Process Admin functions for applications that they have been given administrator access to.
ACTIVITI_DEVOPSProvides access to the Administrator Application. Users with this role will be able to see the DevOps functions meaning they can deploy projects, create deployment descriptors and monitor applications
ACTIVITI_IDENTITYProvides access to the Administrator Application. Users with this role will be able to see the Identity functions meaning they can manage users, groups and roles
ACTIVITI_MODELERProvides access to the Modeling Application. Users with this role will be able to model and release projects
ACTIVITI_USERUsers require this role to be given user access to an application

Users

The users section displays the current list of users in the system. New users can be added in this section.

Once a user has been created, the groups and roles that each are assigned can be managed by editing the user. It is also possible to reset a user's password in case they have forgotten it using this section.

There are several users provided with the deployment that have various roles attached to them. You can use these for testing purposes by updating the passwords using the Administrator Application or create your own.

The following are the default users:

UserAssigned roles
modelerACTIVITI_MODELER
processadminuserACTIVITI_ADMIN
devopsuserACTIVITI_DEVOPS
hruserACTIVITI_USER
salesuserACTIVITI_USER
identityuserACTIVITI_IDENTITY
superadminuserACTIVITI_ADMIN, ACTIVITI_DEVOPS, ACTIVITI_IDENTITY, ACTIVITI_MODELER

Groups

The groups sections displays the current groups available to assign users to and allows them to be deleted or have their name changed. It is also possible to create a new group.

Permissions

Permissions refer to the different levels of access that users can be assigned to an application during and after deployment.

PermissionDescription
UserUser access to an application provides a user the ability to start process instances and tasks and access the Process Workspace for that application. A user can also cancel a process instance if they were the original process initiator.
AdministratorAdministrator access to an application provides a user the ability to monitor all process instances and tasks in an application and view the audit log for it

Identity Service

Whilst the majority of user management can be handled within the Administrator Application, it may be necessary to access the Identity Service administration console directly for some tasks.

© 2023 Alfresco Software, Inc. All Rights Reserved.