The following features and enhancements are covered in this update:
New Roles
Email Domain Verification
Organisation Level Configuration
User Migration for Domain Level Configuration (with template format guide)
Audit Log
Bulk User Addition and Role Updation (with template format guide)
User Details Report Download
Bug Fixes
New roles
app.settings.admin
Previously, app.admin had complete organisation access. The latest features, including organisation level configuration, rule management, user migration and user migration report download, can be accessed only by app.settings.admin, which can also perform user and role management.
app.admin can't perform app.settings.admin specific actions but can perform actions related to user and role management, with the only restrictions being:
Cannot assign app.admin or app.settings.admin to any user.
Cannot remove app.admin and app.settings.admin from any user.
As app.settings.admin has a lot of power and can alter the organisation's behaviour, we will not be assigning this role to anyone by default, but access to the role can be requested from our CS team members.
Email Domain Verification
Users will have a new verification status, which is one of the following:
Verified | Not verified | Verification required |
---|---|---|
Email verified. No verification required. | Email not verified and not required. User can voluntarily verify from profile page. | Email not verified and user will be prompted to verify upon login. |
By default, all Google account and integration/system users will be verified, and their verification status cannot be changed in any case. When a Google account user is updated to a username/email & password user, that user will be not verified by default.
A user can request an email verification link once per minute and a maximum of 15 times per day.
If the email verification link is accessed from the same browser, the user will be logged in directly; otherwise the user will be redirected to the application URL already registered with the account server.
Organisation Level Configuration
These configurations can only be done by the organisation's app.settings.admin.
User Logout Days Configuration
Organisation's app.admins can now configure the user logout days threshold at domain level. The user logout days threshold specifies after how many days a user will be logged out of the application and required to log in again.
Until now, the value was 30 days across all domains. It can now be configured to as low as 1 day and up to 30 days. More than 30 days is not allowed because of the security risk.
User Disable Days Configuration
Organisation's app.admins can now configure the user disable days threshold at domain level. The user disable days threshold specifies after how many days a user will be disabled due to inactivity.
A user's activity time is updated whenever the user performs any action on the application. The user disable days threshold should be more than the user logout days threshold and up to 180 days.
By default, all organisations are initialised with user logout days of 30 and user disable days of 180.
We will be disabling all users who have not been active for more than 180 days.
Email Verification
Toggling the option will turn on email verification for all username/email & password users and log them out (this will take up to one minute because of application level caching).
Allowed Email Domains
We can add comma separated email domains like @increff.com, @gmail.com, @xyz.com, which will only allow addition of username/email and password users who have one of these domains in their email. Keeping the field empty will whitelist all email domains.
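One way to check the limits and the allowed-domains field described above before saving settings or adding a user. This is an added example, not the account server's own code: the function names are hypothetical, and exact (non-subdomain) matching on the text after the last @ is an assumption.

```python
MAX_LOGOUT_DAYS = 30    # from the page: 1 to 30 days
MAX_DISABLE_DAYS = 180  # from the page: more than logout days, up to 180


def parse_allowed_domains(field: str) -> frozenset:
    """Parse the comma separated field, e.g. '@increff.com, @gmail.com'."""
    domains = set()
    for item in field.split(","):
        item = item.strip().lower()
        if not item:
            continue  # empty field or trailing comma
        if not item.startswith("@") or "@" in item[1:] or "." not in item:
            raise ValueError(f"not a domain entry: {item!r}")
        domains.add(item[1:])
    return frozenset(domains)


def email_allowed(email: str, allowed: frozenset) -> bool:
    """Exact, case-insensitive match on the part after the last '@'.

    A substring or endswith() test would wrongly accept addresses such as
    user@notincreff.com or user@increff.com.evil.example (constructed samples).
    """
    local, sep, domain = email.strip().rpartition("@")
    if not sep or not local or not domain:
        return False
    # An empty allow-list means every domain is accepted, as the page states.
    return not allowed or domain.lower() in allowed


def validate_org_config(logout_days: int, disable_days: int, domains_field: str) -> list:
    """Return a list of problems; an empty list means the settings are consistent."""
    problems = []
    if not 1 <= logout_days <= MAX_LOGOUT_DAYS:
        problems.append("logout days must be between 1 and 30")
    if not logout_days < disable_days <= MAX_DISABLE_DAYS:
        problems.append("disable days must exceed logout days and be at most 180")
    try:
        parse_allowed_domains(domains_field)
    except ValueError as exc:
        problems.append(str(exc))
    return problems
```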
User Migration for Domain Level Configuration
If domain level email configuration has been enabled for basic users and some of the users were logged in, they will have to go and verify their email, which might hinder their operations. So we suggest first migrating the required users and then changing the configuration.
A user migration report for such username/email and password users can be downloaded; it provides the required fields and status for migration.
Audit Log
app.admin and app.settings.admin can access logs related to the domain from the domain dropdown on the account server home page.
The audit log can be viewed/downloaded for a maximum time window of one month.
Bulk User Addition and Role Updation
Account server now supports bulk addition of users and role updates using CSV upload. A few things to remember:
The template can be found after clicking one of the options.
CSV explanations are also given in the upload dialogue box.
The maximum number of rows is capped at 500.
After each upload, a CSV file will be downloaded which shows which rows were uploaded successfully and the problems with each row, if any.
User upload can take up to 2 minutes. Please check whether the users have already been added before trying again.
User Details Report Download
We can now download a user report which will contain the following fields:
username | roles (top level only) | last login time |
---|---|---|
Minor changes and Bug fixes
Minor security related bug fixes.
Account Server now stores the data of who assigned what roles to whom.
All of the dropdowns are now searchable.