Managing Users, Groups and Roles
Users, Groups, Roles and Permissions are managed from the Home Menu.
- User: an individual with a bipp account.
- Group: a named group of bipp users.
- Role: a collection of permissions that can be assigned to a user.
- Permissions: provide granular level access control over bipp functions and operations.

Managing Tenant Users
Select Users from the main menu to open the IAM pane. The available commands and tabs depend on your current tenant and permissions.
- Add New User(s) opens the Add User dialog. See Adding Users.
- Add New Role opens the Add New Role dialog. See Adding Roles.
- Search enter a string to search for a user.
- Users tab displays the current users and roles for the tenant.
- Pending invitations tab displays any invitations sent to non-bipp users and not yet accepted.
- Roles tab displays the available roles for the tenant. See Roles & Permissions.
opens an Options menu for the specific user in the list.
Adding Users
- Click Users from the main menu. The IAM pane opens with the Users tab displayed.
- Click Add New User(s) to add users to your tenant.
- Enter the email address of the new user.
- Select one or more roles from the Choose roles list.
- Optional: Click Add email to add another user.
- Click Add when you are finished adding users.
Existing bipp users are added to the Users list. Other users are added to the Pending invitations list. An email is sent with a Join link to create their bipp account.
Modifying Roles for the Tenant User
You select one or more roles when you add a user to your tenant. You can modify the assigned roles as needed.
- Click Users from the main menu. The IAM pane opens with the Users tab displayed.
- Click
to the right of the user and select Roles. The Add groups/users dialog is displayed.
- Open the Users tab.
- Modify the Roles for one or more users.
- Click Update.
Deleting Users
- Click Users from the main menu. The IAM pane opens with the Users tab displayed.
- Click
to the right of the user and select Delete.
- Click Delete again to confirm. This removes all the user’s access to the tenant objects.
Managing Pending Invitations
When you invite a non-bipp user to your tenant, they receive an email invitation with a link to create their bipp account. They appear on the Pending invitations tab until they create their bipp account. Once they create their account, they are added on the Users tab.
Resending Invitations
- Click Users from the main menu. The IAM pane opens with the Users tab displayed.
- Open the Pending Invitations tab.
- Click
to the right of the user email address.
- Click Resend to send a new invitation.
Deleting Pending Invitations
- Click Users from the main menu. The IAM pane opens with the Users tab displayed.
- Open the Pending Invitations tab.
- Click
to the right of the user email address.
- Click Delete.
- Click Delete to confirm the deletion
Managing Tenant Groups
Creating groups of bipp users with similar permissions on the shared objects simplifies the access management for your tenant.
Select Groups from the main menu to open the Groups pane. The available commands depend on your current tenant and permissions.
- New Group opens the Add New Group dialog. See Adding Groups.
- Search enter a string to search for a group.
- Filter by spaces filters the list to show groups with access to a specified space. Select the space from the drop down list. Default is All.
- Filter by users filters the list to show groups containing the specified user. Select the user from the drop down list. Default is All.
- Clicking a group Name opens the group view pane. See Managing a Group.
opens an Options menu for the specific group in the list.
Here are the columns on the Groups list:
- Name is the group name. Click to open the view for the group.
- Users displays the number of users in the group.
- Access to spaces displays the list of spaces the group can access. Use the Filter by spaces option to filter the Group list.
- Security Group displays the associated Security Group if one has been specified. This is optional. A group can only belong to a single Security Group.
- Last updated displays the date the group was last modified.
Adding a Group
- Click Groups from the main menu. The Groups pane opens.
- Click New Group.
- Enter the group name and description.
- Click Add. The new group appears in the Groups List.
Managing a Group
- Click Groups from the main menu. The Groups pane opens.
- Click
to the right of the name.
- Click View to open the Group. The Users tab is displayed. Only group users with current roles appear in this list.
Managing Group Users
- Click Manage users. The user list is displayed. All group users appear in this list. If they do not have a current role, the box to the left of the name is unchecked.
- Open the Roles drop down and select/deselect one or more roles.You can deselect all roles to effectively remove the user from the group. Alternatively, you can uncheck the box to the left of the user to remove their roles.
- Click Update when complete.

Adding New Users to a Group
- Click Add new user to this group.
- Enter the email address of the new user.
- Select one or more roles from the Choose roles list.
- Optional: Click Add email to add another user.
- Click Add when you are finished adding users.
Editing a Group Name/Description
- Click Groups from the main menu. The Groups pane opens.
- Click
to the right of the group name.
- Click Edit to change the name or description of the group.
- Change the name of the group and add a description.
- Click Save.
Adding/Editing a Security Group
Security Groups are managed through Settings on the home menu. You must have an administrative role to access the Settings. Refer to Security Groups for details.
To map a Security Group to a group:
- Click Groups from the main menu. The Groups pane opens.
- Click
to the right of the name.
- Click Security Group.
Groups can only be mapped to a single Security Group. You must delete the currently associated security group before selecting a new one. Click the
icon to unmap the existing group.
- Select the Security Group from the list. Security Groups are defined from Home > Settings > Security Groups.
- Click Update.
Deleting Groups
- Click Groups from the main menu. The Groups pane opens.
- Click
to the right of the name.
- Click Delete and confirm again to remove the group.
Managing Roles & Permissions
Roles
A role is a collection of permissions. Permissions enable granular level access control within bipp.
There is a set of predefined roles available to all tenants. Users with edit/administrative permissions for their tenant can create new roles specific to the tenant.
Click Roles from the main menu. The IAM pane opens, showing the Roles tab.

Adding Roles
- Click Roles from the main menu. The IAM pane opens, showing the Roles tab.
- Click Add New Role.
- Enter the information for the new role:
- Name is the role name. Best practice is to use a descriptive name.
- Description describes what users with the role can do.
- Search is used to filter the available Permissions in the list using the search criteria and/or the Category from the drop down.
5. Click Create.
Editing Roles
- Click Roles from the main menu. The IAM pane opens, showing the Roles tab.
- Click
to the right of the name.
- Click Edit.
- Modify the role information:
- Name is the role name. Best practice is to use a descriptive name.
- Description describes what users with the role can do.
- Search is used to filter the available Permissions in the list using the search criteria and/or the Category from the drop down.
- Click Update.
Deleting Roles
- Click Roles from the main menu. The IAM pane opens, showing the Roles tab.
- Click
to the right of the name.
- Click Delete.
- Click Delete again to confirm deleting the role.
Permissions
Permissions enable granular level access control for the bipp functions and operations. Permissions are granted to users and groups by assigning roles. Users can only access functionality and resources authorized by their assigned permissions.
Access to resources can happen through one or more channels:
- Explicit permission granted through a specific role assigned to the user.
- The resource is part of a space and the user has the required permissions to access - resources in that space.
- The user is part of a group that has the required permissions on that resource.
- The user is part of a group that has the required permissions on a space containing the resource.
A permission is available for every type of action that can be performed on different types of resources like dashboards, reports, datasources, projects, spaces, and tenants.
To see the list of permissions, open Roles from the main menu. The list is available if you click Add New Role or Edit an existing role.
The bipp system-defined permissions cannot be edited or deleted.