There are two ways that users are added to the application: automatically and manually.
Automatic user registration and provisioning
If Single Sign-On (SSO) is enabled for your application, your users will be automatically added the first time they log in. During the Single Sign-On configuration process, your organization will define the default role and default application for your users. If needed, you can manually update the assigned role and default application later in the admin portal.
Your organization’s identity provider will pass the user’s information from the corporate directory to Ravnur. Ravnur limits the user information to:
- First name
- Last name
- Email address
- UID* (*- optional as email address can also be used as a unique identifier)
Additional User Parameters
Ravnur creates two additional user parameters from the supplied data:
- Display name. This is changeable at any time by the user. For instance, if your corporate directory lists you as Elizabeth, but you prefer Liz, you can update your display name to Liz for the application. The display name is not unique. The username is unique, but not displayed. By default, the display name is set to the first and last name provided by the identity provider.
- User name. This is the unique identifier for the user. Depending on the configuration with your identity provider, it may be the UID or email address.
Manual user creation is needed when using OAuth
When using social identity providers (e.g., log in via Google, Microsoft, or Facebook), you must manually create the user in the admin portal before they can access the application. Unlike the SAML integration with automatic user provisioning, the OAuth process works as follows:
1. The user authenticates with the OAuth identity provider.
2. The identity provider authenticates the user and redirects them to the Ravnur application.
3. If the user is an already registered and active (i.e. not disabled, not deleted) user in the application, the user will be granted access.
Ensure that the user’s email address matches the email address they’ve registered with the social identity provider or the access will be denied.
How to add a user manually
1. In the Admin Portal, click on Users
2. Click on the blue Add user button.
3. Enter the user’s first name, last name, and the email address.
Ensure this is a Google ID or Microsoft ID for authentication purposes.
4. The username defaults to the part of the email before the "@". You can optionally change the username before saving, but it cannot be changed once created.
Usernames can include letters (a-z), numbers (0-9), dots, dashes, and underscores.
5. Assign a role for the user.
6. Click on Create to save the new user.