Add user from IdP server for SSO

The task of adding a user from the IdP server in an Control Room that is configured for single sign-on (SSO) is similar to creating an Active Directory user.

Prerequisites

Before adding a user in your Control Room, ensure the following:

  • The user already exists in the IdP server.

    If the username is not present in the IdP server, the user is not allowed to log in using SSO. You must contact your IdP server administrator to resolve this issue.

  • You must be logged in to the Control Room with administrator privileges.

Procedure

  1. Navigate to Administration > Users.
    The All users page appears, displaying information about the existing users.
  2. Click Create user.
    The Create user page appears.
  3. In the General details section, perform the following steps:
    1. Clear the Enable User check box if you do not want the user to log in immediately.
      By default, this check box is selected.
    2. Enter a Username. Ensure that the name is the same as that provided in the IdP server.
      Note: You can also include an email address-for example, username@example.com.
    3. Optional: Enter a description and include the first name and last name for the user.
      The maximum number of characters allowed for first name and last name is 50.
    4. Enter your Email address and confirm the address.
      If SMTP is enabled, the user is sent an email to this address to confirm the account. All important Control Room notifications are sent to this email address.
  4. In the Select roles section, assign a role from the Available roles table.
    Each role includes specific privileges and permissions to access and perform actions in certain areas of Control Room.

    Enterprise 11: System created roles

    1. In the Available roles list, select the check box next to the Role Name to select all roles. Alternatively, select multiple roles from the list.
    2. Add roles to the Selected list.
    • Any Control Room user has access to these permissions by default: View Dashboard, Manage my credentials and locker, and View and manage my queues.
    • A non-admin user does not have access to these permissions: Admin, BotFarm Admin, Pool Admin, Locker Admin.
  5. Assign a device license to the user.
    System default licenses
    Note: Device licenses are not available for users with the Admin or BotFarm admin roles. The number of available copies is shown next to each license.

    For a Bot Creator and attended Bot Runner user, you can enable Auto Login by selecting the Enable auto login check box. This enables the user to create local schedules on their machine so that the bot automatically logs in to the user's local machine, executes the task, and locks or logs off the machine. For an unattended Bot Runner user, Auto Login is always enabled.

  6. Click Create user or Create user and add another.
    If SMTP is enabled, an email is sent to new users inviting them to log in.
    The new user is displayed in the User table.