Managing Users, Groups and Roles

CONTENTS

Home

Users, Groups, Roles and Permissions are managed from the Home Menu.

  • User: an individual with a bipp account.
  • Group: a named group of bipp users.
  • Role: a collection of permissions that can be assigned to a user.
  • Permissions: provide granular level access control over bipp functions and operations.

These procedures are at the tenant level. For example, deleting a user only removes them from your tenant, not from the bipp platform.

Managing Tenant Users

Select Users from the main menu to open the IAM pane. The available commands and tabs depend on your current tenant and permissions.

  • Add New User(s) opens the Add User dialog. See Adding Users.
  • Add New Role opens the Add New Role dialog. See Adding Roles.
  • Search enter a string to search for a user.
  • Users tab displays the current users and roles for the tenant.
  • Pending invitations tab displays any invitations sent to non-bipp users and not yet accepted.
  • Roles tab displays the available roles for the tenant. See Roles & Permissions.
  • dropdown opens an Options menu for the specific user in the list.

Managing Tenant Users

Adding Users

  1. Click Users from the main menu. The IAM pane opens with the Users tab displayed.
  2. Click Add New User(s) to add users to your tenant. Adding Users
  3. Enter the email address of the new user.
  4. Select one or more roles from the Choose roles list.
  5. Optional: Click Add email to add another user.
  6. Click Add when you are finished adding users.

Existing bipp users are added to the Users list. Other users are added to the Pending invitations list. An email is sent with a Join link to create their bipp account.

Modifying Roles for the Tenant User

You select one or more roles when you add a user to your tenant. You can modify the assigned roles as needed.

  1. Click Users from the main menu. The IAM pane opens with the Users tab displayed.
  2. Click dropdown to the right of the user and select Roles. The Add groups/users dialog is displayed. Add Group Users
  3. Open the Users tab.
  4. Modify the Roles for one or more users.
  5. Click Update.

Deleting Users

  1. Click Users from the main menu. The IAM pane opens with the Users tab displayed.
  2. Click dropdown to the right of the user and select Delete.
  3. Click Delete again to confirm. This removes all the user’s access to the tenant objects.

Managing Pending Invitations

When you invite a non-bipp user to your tenant, they receive an email invitation with a link to create their bipp account. They appear on the Pending invitations tab until they create their bipp account. Once they create their account, they are added on the Users tab. Managing Pending Invitations

Resending Invitations

  1. Click Users from the main menu. The IAM pane opens with the Users tab displayed.
  2. Open the Pending Invitations tab.
  3. Click dropdown to the right of the user email address.
  4. Click Resend to send a new invitation.

Deleting Pending Invitations

  1. Click Users from the main menu. The IAM pane opens with the Users tab displayed.
  2. Open the Pending Invitations tab.
  3. Click dropdown to the right of the user email address.
  4. Click Delete.
  5. Click Delete to confirm the deletion

Managing Tenant Groups

Creating groups of bipp users with similar permissions on the shared objects simplifies the access management for your tenant.

Select Groups from the main menu to open the Groups pane. The available commands depend on your current tenant and permissions.

  • New Group opens the Add New Group dialog. See Adding Groups.
  • Search enter a string to search for a group.
  • Filter by spaces filters the list to show groups with access to a specified space. Select the space from the drop down list. Default is All.
  • Filter by users filters the list to show groups containing the specified user. Select the user from the drop down list. Default is All.
  • Clicking a group Name opens the group view pane. See Managing a Group.
  • dropdown opens an Options menu for the specific group in the list.

Managing Tenant Groups

Here are the columns on the Groups list:

  • Name is the group name. Click to open the view for the group.
  • Users displays the number of users in the group.
  • Access to spaces displays the list of spaces the group can access. Use the Filter by spaces option to filter the Group list.
  • Security Group displays the associated Security Group if one has been specified. This is optional. A group can only belong to a single Security Group.
  • Last updated displays the date the group was last modified.

Adding a Group

  1. Click Groups from the main menu. The Groups pane opens.
  2. Click New Group. Adding Group
  3. Enter the group name and description.
  4. Click Add. The new group appears in the Groups List.

Managing a Group

  1. Click Groups from the main menu. The Groups pane opens.
  2. Click dropdown to the right of the name.
  3. Click View to open the Group. The Users tab is displayed. Only group users with current roles appear in this list. Managing a Group

Managing Group Users

  1. Click Manage users. The user list is displayed. All group users appear in this list. If they do not have a current role, the box to the left of the name is unchecked. Managing Group Users
  2. Open the Roles drop down and select/deselect one or more roles.You can deselect all roles to effectively remove the user from the group. Alternatively, you can uncheck the box to the left of the user to remove their roles.
  3. Click Update when complete.
Using the global Selection checkbox in the header to deselect all, resets all of the roles. Be sure and add the Group Owner back to at least one user.

Adding New Users to a Group

  1. Click Add new user to this group.
  2. Enter the email address of the new user.
  3. Select one or more roles from the Choose roles list. Adding New Users to Group
  4. Optional: Click Add email to add another user.
  5. Click Add when you are finished adding users.

Editing a Group Name/Description

  1. Click Groups from the main menu. The Groups pane opens.
  2. Click dropdown to the right of the group name.
  3. Click Edit to change the name or description of the group.
    Editing Group Name
  4. Change the name of the group and add a description.
  5. Click Save.

Adding/Editing a Security Group

Security Groups are managed through Settings on the home menu. You must have an administrative role to access the Settings. Refer to Security Groups for details.

To map a Security Group to a group:

  1. Click Groups from the main menu. The Groups pane opens.
  2. Click dropdown to the right of the name.
  3. Click Security Group.
    Security Group
    Groups can only be mapped to a single Security Group. You must delete the currently associated security group before selecting a new one. Click theDeleteicon to unmap the existing group.
  4. Select the Security Group from the list. Security Groups are defined from Home > Settings > Security Groups.
  5. Click Update.

Deleting Groups

  1. Click Groups from the main menu. The Groups pane opens.
  2. Click dropdown to the right of the name.
  3. Click Delete and confirm again to remove the group.

Managing Roles & Permissions

Roles

A role is a collection of permissions. Permissions enable granular level access control within bipp.

There is a set of predefined roles available to all tenants. Users with edit/administrative permissions for their tenant can create new roles specific to the tenant.

Click Roles from the main menu. The IAM pane opens, showing the Roles tab.

Roles

Pre-defined roles cannot be edited or deleted.

Adding Roles

  1. Click Roles from the main menu. The IAM pane opens, showing the Roles tab.
  2. Click Add New Role. Create Role
  3. Enter the information for the new role:

  • Name is the role name. Best practice is to use a descriptive name.
  • Description describes what users with the role can do.
  • Search is used to filter the available Permissions in the list using the search criteria and/or the Category from the drop down.
4. Select one or more permissions for the role. A shortcut for selecting permissions is to use a filter, such as selecting Dashboards for the Category, then clicking the checkbox in the header to select all the Dashboard permissions.
5. Click Create.

Editing Roles

  1. Click Roles from the main menu. The IAM pane opens, showing the Roles tab.
  2. Click dropdown to the right of the name.
  3. Click Edit. Editing Role
  4. Modify the role information:

  • Name is the role name. Best practice is to use a descriptive name.
  • Description describes what users with the role can do.
  • Search is used to filter the available Permissions in the list using the search criteria and/or the Category from the drop down.
5. Select/deselect permissions.

  1. Click Update.

Deleting Roles

  1. Click Roles from the main menu. The IAM pane opens, showing the Roles tab.
  2. Click dropdown to the right of the name.
  3. Click Delete.
  4. Click Delete again to confirm deleting the role.

Permissions

Permissions enable granular level access control for the bipp functions and operations. Permissions are granted to users and groups by assigning roles. Users can only access functionality and resources authorized by their assigned permissions.

Access to resources can happen through one or more channels:

  • Explicit permission granted through a specific role assigned to the user.
  • The resource is part of a space and the user has the required permissions to access - resources in that space.
  • The user is part of a group that has the required permissions on that resource.
  • The user is part of a group that has the required permissions on a space containing the resource.

A permission is available for every type of action that can be performed on different types of resources like dashboards, sheets, datasources, projects, spaces, and tenants.

To see the list of permissions, open Roles from the main menu. The list is available if you click Add New Role or Edit an existing role.

Permissions

The bipp system-defined permissions cannot be edited or deleted.