4.1.2 Create Application Users

After you sign in to your IAM console, one of your first tasks is to create additional user accounts. You should assign specific user groups to the user accounts that you are creating. There are seeded user groups available with the respective services, users must be mapped to one or more of the user groups, depending on the role that they perform.

For example, you can create a user for each member of your team. Each team member can then sign into the account with their credentials. You can also assign each user to specific user groups and apply specific security policies or roles to each group.

You can create the users and map the users to groups for your service. After creating the users, the users will receive a Welcome email. The users must activate their accounts and enter a new password to access the services.

To create users in the IAM Console, perform the following steps:
  1. In the IAM Console, click the Profile icon and select Identity domain to add the Application Users.
  2. In the Identity Domain left pane, click Users and select Create user.
  3. Enter the following details:
    To have the user sign in with their email address:
    • Leave the Use the email address as the username check box selected.
    • In the Username / Email field, enter the email address for the user account.

    Or

    To have the user sign in with their user name:

    • Clear the Use the email address as the username check box.
    • In the First name and Last name fields, enter the user name that the user is to use to sign in to the Console.

    Figure 4-1 Add User Details


    This illustration shows the Add User Details window, you must specifythe user details such as First Name, Last Name, User Name / Email.

    Note:

    Ensure that you restrict the User Name to the following:
    1. Do not enter your Email ID as the Username and do not select the Use the email address as the username check box.
    2. Enter a maximum of 20 characters.
    3. Enter Alphanumeric Characters.
    4. Enter only Hyphen (-) and Underscore (_) Special Characters.
  4. In the Groups (Optional) section, select the user groups according to your user-specific groups or access.

    Note:

    After a user sign in to the PBSM Cloud Service, the User to User-Group Mapping created in the IAM Console will onboard into the Master and Mapping Tables. Later, if you deselect (remove) a User from a Group in the Assign User to Groups Window after provisioning, ensure that you also unmap the User from the corresponding User- Group in the Admin Console. This is a mandatory step to complete the unmapping process.
  5. To create an Identity Administrator or Authorizer user, assign the users to the following:
    • IDNTY_ADMIN: You can use this option to create an Administrator User.
    • IDNTY_AUTH: You can use this option to create an Authorizer User.

    Figure 4-2 Assign Users to Groups Window


    In this screen, you assign the Identity Administrator or Authorizer users.

  6. Click Create.

For Bulk User Creation, you can batch import User Accounts using a comma-separated values (.CSV) file.