Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The following features and enhancements are covered in this update:

  • New Roles

  • Email Domain Verification

  • Organisation Level Configuration

  • User Migration for Domain Level Configuration (with template format guide)

  • Audit Log

  • Bulk User addition and role updation (with template format guide)

  • User Details Report Download

  • Bug fixes

New roles

app.settings.admin

Previously app.admin had complete organisation access. Latest features developed including organisation level configurations, rule management, user migration, user migration report download can be accessed by app.settings.admin only as well as user and role management can also be done.

Info

We will assign app.settings.admin to users already having app.admin such that they can access all the existing as well as new features.

app.admin can’t perform app.settings.admin specific actions but can perform actions related to user and role management with only restrictions being

  1. Cannot assign app.admin or app.settings.admin to any user.

  2. Cannot remove app.admin and app.settings.admin from any user.

Email Domain Verification

Users will have a new verification status specified as

Verified

Not verified

Verification required

Email verified. No verification required.

Email not verified and not required. User can voluntarily verify from profile page

Email and not verified and user will be prompted to verify upon login

image-20240206-172053.pngimage-20240206-172207.png

image-20240206-172130.png

Screenshot 2024-02-14 at 6.02.39 PM.pngimage-20240206-173132.png
Note

By default all google account and integration/system users will be verified and their verification status cannot be changed in any case. When we update google account user to username/email & password user then it will be not verified by default.

Info

User can request an email verification link once per minute and a max 15 times per day

Info

If the email verification link has been accessed from same browser then user will be directly logged in otherwise the user will be redirected to application url already registered to account server.

Organisation Level Configuration

This configurations can only be done by organisation’s app.settings.admin.

User logout days configuration

  1. Organisation’s app.admins can now configure user logout days threshold at domain level. User logout threshold specifies after how many days user will be logged out from the application and requires re-login.

  2. Till now the default value was 30 days by default across all domains. It can now be configurable to as low as 1 day and upto 30 days. It is not allowed for more than 30 days because of security vulnerabilities.

User disable days configuration

  1. Organisation’s app.admins can now configure user disable days threshold at domain level. User disable days threshold specifies after how many days user will be disabled due to inactivity.

  2. User activity time is updated whenever he performs any action on the application. It should be more than user logout days threshold and upto 180 days.

Note

By default all the organisations are initialised with user logout days of 30 and user disable days of 180

Email verification

Toggling the option will turn on email verification for all username/email & password users and log them out (Will take upto one minute because of application level caching).

Allowed

domain

Email Domains

We can add comma separated email domains like @increff.com, @gmail.com, @xyz.com which will only allow addition of username/email and password users with these domain present in their email. Keeping the field empty will whitelist all email domains.

image-20240206-170504.png

User Migration for Domain Level Configuration

  1. If domain level email configuration has been enabled for basic users and some of the users were logged in, then they will have to go and verify the email; which might hinder their operations. So, we suggest to first migrate the required users and then change the configuration.

  2. User migration report for such username/email and password users can be downloaded which provides required fields and status for migration.

Avishek Chatterjee to add screenshot for report without showing template guide

image-20240206-184619.pngImage Modified

Audit Log

  1. app.admin and app.settings.admin can access logs related to the domain from account server home page from domain dropdown.

image-20240206-182222.png
image-20240206-182421.png

Note

Audit can be viewed/downloaded for a max time window of one month

Bulk User addition and role updation

Account server now supports bulk addition of users and role updations using CSV upload. Few things to remember

  1. Template can be found after clicking one of the options.

  2. CSV explanation are also mentioned in the upload dialogue box.

  3. Max row numbers are capped at 500.

  4. After each upload, a CSV file will be downloaded which will tell which rows are uploaded successfully and problems with each row if any.

  5. User upload can take upto 2 minutes. Please check if users are already added before trying again.

image-20240206-182820.pngimage-20240206-182954.png

User Details Report Download

We can now download user report which will contain following fields:

email

username

roles (top level only)

last login time

Avishek Chatterjee to attach screenshot

Minor changes and bug fixes

  1. Minor security related bug fixes.

  2. Account Server now stores the data of who assigned what roles to whom.

  3. All of the dropdowns are now searchable.