- 17 Jun 2024
- 4 minute read
- Print
- DarkLight
- PDF
User Accounts Overview
- Updated 17 Jun 2024
- 4 minute read
- Print
- DarkLight
- PDF
Accounts and permissions determine user access and capabilities. Slate allows for an unlimited number of user accounts. Before a user can access your database, a new user account must be created by a current user who has the exclusive Security Administrator role assigned to them.
Only users with the Security Administrator role can create user accounts, deactivate existing users, and manage user access to records and resources in Slate.
User Types
Slate manages several user types:
User
User (External)
Service Account
Service Account (Remote)
User
A user is an individual who has an institutional account and who needs access to Slate to view or edit record data. This user typically connects to Slate through your single-sign-on (SSO) system. Use the "User" type for most user accounts in a database.
User (External)
An external user is an individual who does not have an institutional account but has a need to access Slate to view or edit record data. Slate authentication is used for these individuals. Admins must set an activation password when creating external user accounts. External users must sign into Slate through the External Login URL, for example, https://apply.slateuniversity.edu/manage/login/external.
External users who need to access a test environment must first have an account in that environment, and they must sign in through the External Login URL specific to that test environment.
Service Account and Service Account (Remote)
Service Account is used only for accounts that need access to the Slate SFTP servers or web services.
Service Account (Remote) is used to export data from Slate to remote SFTP servers.
Adding a User
To add a new user account:
Select Database on the Slate navigation bar. The Database page appears.
Locate the Users & Access section and select User Permissions. An Active Users page appears.
Click New User. A New User popup appears.
Configure each setting as necessary.
Click Save.
When creating the user account, you can grant the desired user permissions in several ways:
Select individual permissions on the Permissions tab.
Inherit permissions through a role selected on the Roles tab.
Through population permissions selected on the Populations tab.
User accounts created in the production environment after the test environment is provisioned will not automatically appear in the test environment. To add the user in the test environment, do one of the following:
Refresh the test environment so it includes the newly added user account.
Manually create the user in the test environment.
Active User Settings
When creating or editing a user account, admins are faced with several settings to consider. This article provides details on those settings.
Setting | Description |
---|---|
Profile Info | The top section of the settings popup includes various data related to the user, including names, contact information, title and department, and avatar (if one exists). Make changes as needed. |
User Type | Select the appropriate user type:
|
User ID | The ID that will be used to access Slate. The User ID must match the single-sign-on (SSO) ID for the user at your institution if SSO is configured. A user account in Slate must have a unique user ID, regardless of active or inactive status. |
Activation Password | A password used for first-time login of external users (only required for external users). The user is prompted to change their password when signing in with this password. |
Home Country | The country from which the user will be accessing Slate most often. |
Active | Select Enable account for access to activate the account. If the user no longer needs access to Slate, clear the Active setting. Remember to deactivate user accounts instead of deleting them to preserve audit logs. |
Supervised | For users who should only be able to access Slate from a computer in the office, select Require supervised login from non-supervised account. Users signing into a non-supervised account perform the following steps:
|
MFA | This setting enables multi-factor authentication (MFA) for logins from unrecognized devices. When selected, Slate requires one of the following:
|
Roles
A role represents a collection of responsibilities for a user's job function (e.g. admissions counselor, faculty reader, etc.). Each role will contain one or more permissions and a user assigned to a role will inherit the permissions linked to the role. A single user can be assigned multiple roles.
Setting | Description |
---|---|
Status | Select 'Active' to make the role available for use in User Permissions. |
Name | Displays the name of the role. This name will only be visible administratively. |
Export Key | Enables querying on this role. |
Reply Email | Used as a 'Reply to' email address when using role for communication purposes. |