Skip to content

Latest commit

 

History

History
79 lines (36 loc) · 4.3 KB

create-a-new-user-348deef.md

File metadata and controls

79 lines (36 loc) · 4.3 KB

Create a New User

As a tenant administrator, you can create a new user in the administration console for SAP Cloud Identity Services.

Prerequisites

You are assigned the Manage Users role. For more information about how to assign administrator roles, see Edit Administrator Authorizations.

Context

The tenant administrator creates the new user with a minimum set of attributes and can set an initial password.

Procedure

  1. Sign in to the administration console for SAP Cloud Identity Services.

  2. Choose the User Management tile.

    The system displays the first 20 users in the tenant sorted by their user ID number.

  3. Press Add.

  4. Fill in the required fields in the dialog box.

    Note:

    By default the User Type field is Employee. To change the default setting, choose user type from the drop-down list. The available user types are: Customer, Employee, Partner, Public, External, and Onboardee.

    Email field can be skipped when Set initial password or Set status active is selected, and Email is configured as not required in the Logon Alias view.

    Values for Email, First Name and Last Name that are part of the respective exclude list cant' be used. For more information, see Restrict User Attributes Values via Exclude Lists.

    Tip:

    If email is mandatory, for users without valid email addresses or for testing purposes use the sap-test.de domain, for example <username>@sap-test.de. Do not use any other existing or nonexisting domains.

  5. Select one of the following options:

    • Send activation email - The tenant administrator creates a user with status New. The user receives an email with instructions how to activate the user account. After activating the account, the user status changes to Active.

    • Set initial password - The tenant administrator creates a user with status Active and sets the password for the user.

      Restriction:

      The initial password can be valid between 1 and 365 days depending on the configuration made by the administrator. The default value is 14 days. The user is prompted to reset the password during the first authentication. After the validity of the initial password expires, the user can't log on to the application and must contact an administrator. For more information for more information about how to configure the initial password validity, see Configure Initial Password and Email Link Validity.

    • Set status active - The tenant administrator creates a user with status Active. The tenant administrator does not set an initial password for the user, and the user does not receive an email with instructions how to activate the user account.

      This option can be used in the following scenarios:

      • Identity Authentication acting as identity provider (IdP) proxy
      • certificate authentication

  6. Save your entries.

Results

If the operation is successful, the system displays the message: User added. Identity Authentication creates the new user and assigns User ID (P user) and Global User ID (universally unique identifier (UUID) format). The User ID field is unique and not editable. The Global User ID, on the other hand, is unique, but editable. You can change it via the the user management field in the administration console.

Related Information

Configure User Identifier Attributes

Restrict User Attributes Values via Exclude Lists

List and Edit User Details