The User menu item combines the former "LDAP Groups" and "Users" menu items.
The menu item User in the user administration of clients is used to authorize logged-in users within the client or within the forms of the client. Specifically, the following goals are pursued:
- give individual users or groups of users access to the client's administrative interface and control their permissions within clients.
- Grant end users access to protected forms or parts of forms.
Therefore the list of users only represents the authorizations for users. A complete list of all users in the system can be viewed in the system settings.
Newly created clients always already contain an authorization for a user, namely that of the client administrator. See Client creation.
Contents
Adding users
To add a user to the client, click on the plus icon. After that, a selection with two options appears, because there are two ways to create an authorization for users in clients:
- By sending an invitation by e-mail (exactly one user is authorized).
- By defining user filters (several users can be authorized at once).
|
User configurations with client admin role can only be added by users with Edit admin role permission or by the SAdmin.
Inviting users via email
To invite a single user to the current client, click 
Invite user by e-mail.
The email address of the user who is to be invited to the client. It is only necessary to specify the email address of the user. This can be a user who is already registered in the system or a completely new user. In both cases, the user will receive an email with an invitation link.
If user search is enabled for the system, suggestions are made based on the users that already exist in the system when the email address is entered. If LDAP or Microsoft Entra ID login services are enabled for the management interface, suggestions are also made based on LDAP servers and Entra ID login services, respectively.
The other fields such as role and user group are described in the Authorization configuration section.
By clicking on Invite, the authorization for the user is created in the client and an email with an invitation link is sent to the user. By default, the invitation links have a validity period of one day. After this time, the invitation link can no longer be used. A new link must be sent. The validity period of the invitation links can be configured in the application properties.
A correctly configured system email server is a prerequisite for sending the invitation emails.
After the invitation has been sent to the user, the user configuration is in the "waiting" state until the user responds to the invitation.
Nach dem die Einladung an den Benutzer versendet wurde, befindet sich die Benutzerkonfiguration im "wartenden" Zustand, bis der Benutzer auf die Einladung reagiert.
Copy invitation link
The invitation link can be copied via the clipboard icon.
Send new invitation
A new invitation can be sent via the paper airplane icon, the invitation link of the previous invitations will become invalid.
Invitation from the user's point of view
When a user is invited to a client, the user must follow the link in the invitation email. After clicking on the invitation link, the user will be prompted to log in or register.
Invitation of an existing user
The login prompt for invitations with email addresses known to the system.If the email address used for the invitation is already known to the system and assigned to a user, the user is asked to log in with their formcyle profile.
Invitation of a new user
|
If the email address is not yet known to the system at the time of the invitation and therefore could not be assigned to a user, the user will be prompted to register with an email address. This does not have to be the email address with which the user was invited. Afterwards the user will be asked to enter their name and a password to create a new profile.
If the user already has another formcycle profile under a different email address, they can also log in with this profile to accept the invitation.
If external login services are configured for the management interface and the user has an account with one of these login services, the user can also log in or register with this account.
Accept / decline invitation
After successful login or registration, the user can accept the invitation and then receives the assigned authorization within the client. If the user declines the invitation, the user authorization is removed from the client.
Profile pictures and full names of users are visible to others in the client only after the invitation has been accepted by the user. Until that time, only the email used for the invitation is visible.
Whether invitations have to be explicitly accepted by users can be configured by system administrators in the system settings.
|
Creating user filters
How to create user filters is described and illustrated in the article User filters.
Authorization configuration
|
Roles
The roles assigned to the user within the client. Roles determine the access to the client's administration interface and which permissions the user has within the client.
If no roles are assigned, users are not granted access to the client's administration interface. This may be explicitly desired if end users are to be granted access to protected forms, for example, by assigning them only to user groups and not roles.
The roles of client administrators can be changed only if the user has the corresponding permission to edit the administrators and if there is at least one other client administrator.
Users can not edit their own roles.
User groups
The user groups to which the user should belong. The user groups determine which inboxes users have access to, provided the users have access to the inbox via a corresponding role. In addition, user groups can be assigned to grant end users access to protected forms or to configure properties of form elements such as their visibility or editability depending on the user.
Accessible Inboxes
Represents the inboxes that can be accessed. Which inboes can be accessed depends on the user groups.
Access until
An end date can be set for users who should only have temporary access to the client. If users log on after the set date, the authorization by the user configuration will no longer be effective and thus, for example, access to the administration interface of the client will be denied.
Limited / temporary access cannot be configured for client administrators.
Editing / deleting users
In general, users can be deleted and edited once they have been created. Depending on the type (invited users or user filters), environment (other users) and the permissions of the acting user, however, there are restrictions on deleting / editing.
Invited users
Invited users with client admin role:
- Editing: Can only be edited by the SAdmin or users with the role permissionEdit administrators if at least one other client admin exists as an invited user.
- Deleting: Can only be deleted by the SAdmin or users with the role permission Edit administrators if at least one other client admin exists as an invited user.
Invited users without client admin role:
- Editing: Can always be edited.
- Deleting: Can always be deleted.
Yourself (The configuration of an invited user, which is the acting user itself):
- Only the user groups can be edited.
- The user cannot be deleted.
User filters
User filters with client admin role:
- Editing: Can be edited only by the SAdmin or users with the role permissionEdit administrators.
- Deleting: Can be deleted only by the SAdmin or users with the role permission Edit administrators.
User filters without client admin role:
- Editing: Can always be edited.
- Deleting: Can always be deleted.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article
