User Management
Users are typically managed from the Users app to perform the following tasks:
- Manage Users - Add, edit, disable, set authorizations for User accounts, including sending welcome emails and initiating the reset password process.
- Manage User Roles - Define authorizations shared by multiple users.
- Monitor Users - View user activity and audit trails.
- Release Content - Approve, Save and Cancel content locked by a user.
Users & User Roles
User Roles define a set of authorizations that can be assign to multiple users to grant them access to specific system features and content. A single User can be associated with multiple User Roles, which will combine all authorizations. User Roles will add access, and cannot be used to remove access.
To learn more about Users and User Roles, see the Users app.
Impersonation
Authorized users can also login as another user to access webCOMAND as that user, without their password, to help troubleshoot issues and perform tasks not possible from the Users app. For more information, see User Impersonation.
Best Practices
Each person should have their own unique user account for a number of reasons.
- Security - If one team member leaves or "goes rouge", it is possible to disable that single account, without the need to update the password of the shared account to prevent that user from logging in, which impacts everyone else on the team.
- Audit Trails - The system keeps an audit trail of who made what changes when, which helps with troubleshooting and accountability. If a shared account is used, it will be impossible to know who made a (potentially malicious) change.
- Collaboration - The system prevents multiple people from stepping on each others toes. For example, two people should not be able to edit the same field of the same record at the same time. If multiple people are logged in with a shared account at the same time, the system cannot tell them apart, so those different users will be able to overwrite, approve and cancel each others changes, in many cases without even realizing it.
- Email / Password Management - When an email is sent to a user, it is intended for a single user. For example, if a user forgets their password, they will be emailed to verify the user and reset their password. A shared User can cause confusion. Either the email address is a group email address to the same people that share the account, and then all of the users will receive those emails, or the email address goes to a single person and then if others try to reset the password, only that person will receive the emails, so they will not be able to set the password.