19.0 - User Management
Last updated
Last updated
User management allows an organization's administrators to create and edit login credentials for individual users and to specify the exact information that the user will be able to view and interact with, when logged in using those credentials.
Admin credentials are required to use the User Management interface. When the Web Portal is first set up for an organisation, Innova will create at least one user with admin privileges for the organisation’s administrators. They can then log in and create additional users as required.
The Users page displays a list of all users currently set up for the organization and allows admin level users to add and delete users or modify user credentials. The list can be filtered by entering using the search bar at the top of the page.
Users created in the Web Portal user management can also log into the organisation’s server database using Well Seeker, and access the portal via the Innova phone app.
Users are grouped by organisation. An organisation can be collapsed by clicking on the “˅” symbol to the left of the organisation name. The table is searchable by typing in the search bar at the top of the page.
Each user in the table has the following functions:
Operator Access: Restricts the users access to operators on the organization's database. If all operators are left unchecked, no restriction will be applied. If one or more operators are checked, the user will only be able to access those operators. This restriction can also be applied to a role in the Roles page. Note that checked operators for a role and the checked operators for a user will add together.
Well Access: Restricts the users access to specific wells on the organization's database. If all wells are left unchecked, no restriction will be applied. If one or more wells are checked, the user will only be able to access those wells.
Reset MFA Device: If multi-factor authentication (MFA) is activated for the user, this will remove the MFA device registered to the user. The next time the user logs in to the Portal, they will be required to register a new MFA device.
Reset Password: Displays a dialog that allows you to enter a new password for the selected user. The user will receive an email notifying them of the new password. They will also be required to create a new password themselves the next time they log into the portal.
Organization: Can be edited by double left clicking. Choose the organization from the dropdown box. This dictates which database the user will have access to when they log into the Web Portal.
User Name: Can be edited by double left clicking. The user name that the user will enter when they are logging in to the Portal, App, or when accessing the remote database via Well Seeker Pro. Must be an email address.
Password: The password that the user will enter when they are logging in to the Portal, App, or when accessing the remote database via Well Seeker Pro. To edit this field, use the Reset Password option.
Role: Can be edited by double left clicking. The users role defines what features the has access to in the Web Portal, App and when accessing the remote database via Well Seeker Pro. Roles are created in the Roles page.
Units: The default unit set assigned to the user when accessing the Portal or App. Users can alter their unit set after logging in. Unit sets are created in the Units page.
Created: The date that the user was created.
Last Login: The amount of time since the user last logged in to the Web Portal, App or the remote database via Well Seeker Pro.
Pwd Reset Req (Password Reset Required): Toggling this option on will force the user to create a new password next time they log in to the Portal.
MFA Enabled: Toggles multi-factor authentication (MFA) on/off. When activated, the user is required to input a code generated by a third party app on their smart phone, as an additional security measure when logging in. After activation, the next time the user logs in to the Innova Web Portal, they will be given instructions on registering their device for MFA.
API User: Toggling the API User function on prevents a user from using MFA, and ensures that they can log in using their username and password only. It also prevents the MFA Enabled option from being toggled on. If MFA was previously enabled for the user, it will automatically be deactivated. The button will display green when API user is enabled.
Active: On by default. Toggling this feature off will disable the selected user, preventing them from logging in to the Portal, App, or the remote database via Well Seeker Pro.
A new user can be added by filling in the credentials in the row at the bottom of the Users page.
Fill in the Organization, Username, Password, Role and Units credentials. For security reasons, the Pwd Reset Req credential is also required for all new users. This will force the user to create their own password the first time they log in. Once all credentials have been filled in, the user will be automatically added to the chosen organisation. Further customization can then be performed in the main Users grid.
A role is a set of user permissions that can be setup and then applied to multiple users. Roles establish what admin and editing permissions a user has, as well as what App and Website add-on features the user has access to. The Roles page allows a user with admin permission to add, delete and edit roles.
Roles are grouped by organization. An organization can be collapsed by clicking on the “˅” symbol to the left of the organization name. The table is searchable by typing in the search bar at the top of the page.
Each role in the table has the following functions:
Base Features: Allows the user to enable or disable specific features in the Web Portal for the selected role. If all features are left unchecked, no restriction will be applied. If one or more features are checked, the user will only be able to access those features. The exception to this is the User Management feature. If this feature is enabled, all other features will be disabled and the role will only be able to access user management in the Portal.
Products & Features: This window allows the user to restrict which features in Innova Web API products – The Web Portal, Mobile App and Client API - the selected role can access.
Operator Access: Restricts the users access to operators on the organization's database. If all operators are left unchecked, no restriction will be applied. If one or more operators are checked, the user will only be able to access those operators. This restriction can also be applied to a specific user in the Users page. Note that checked operators for a role and the checked operators for a user will add together.
Organization: The organization that this role is assigned to. Only users that are members of the selected organization will be able to use this role. Cannot be edited after creation.
Name: Can be edited by double left clicking. The name of the role.
Description: Can be edited by double left clicking. A more detailed description of the role. This only displays here on the Roles page.
The below five buttons can be toggled to add or remove permissions to the role. A user with the role will have these permissions applied when they log in to the Web Portal, Mobile App or Well Seeker Pro:
Admin: Can add, remove, and edit users and roles.
Edit: Can edit items in the database.
Delete: Can delete items in the database.
Create: Can create new items in the database.
Approve: Currently does not affect any function in the Web Portal, but Approver permission is required if the user wants to approve bid sheets while accessing the database via Well Seeker.
The two buttons below cannot be toggled on or off. Instead they indicate if the Base Features or Products & Features have been edited in the Role Options:
Base Features: Will automatically toggle on if any base features have been enabled.
Products & Features: Will automatically toggle on if any products & features have been enabled.
A new role can be added by filling in the fields in the row at the bottom of the Roles page.
Fill in the Organization, Name, and Description fields. Once all fields have been filled in, the role will be automatically added to the chosen organization. Further customization can then be done in the main Roles grid.
The Units page allows the admin to control which unit sets are available to users when viewing data in the Web Portal and Mobile App.
Unit sets are grouped by organization. An organization can be collapsed by clicking on the “˅” symbol to the left of the organization name. The table is searchable by typing in the search bar at the top of the page.
Each unit set in the table has the following functions:
Organization: The organization that this unit set is assigned to. Only users that are members of the selected organization will be able to use this unit set. Cannot be edited after creation.
Name: The name of the unit set. Double left click to edit.
Units: The other columns in the Units table contain the units that make up each unit set. Double click on a unit to edit it.
A new unit set can be added by filling in the fields in the row at the bottom of the Units page.
Fill in the Organization and Name fields. Once these fields have been filled in, the unit set will be automatically added to the chosen organisation, with a default selection units. The units for the new unit set can then be customized.
Delete: Clicking on the icon will delete the user.
User Options: Clicking on the icon will open a menu with additional options for the user. Gives access to the Operator Access, Well Access, Reset MFA Device and Reset Password options.
Auth Type: The user’s Auth Type shows which user management system is being used to mange the selected user’s security credentials. This is set when the organization is set up with Innova. If the Auth Type column displays a icon, then user credentials are managed in the Innova Portal. If the Auth Type column displays a icon or a icon, then the organization's user credentials are managed using Azure AD or Okta, respectively. In this case, the password and MFA management functions in the Innova Portal will have no effect.
Delete: Clicking on the icon will delete the role.
Role Options: Clicking on the icon will open a menu with additional options for the role. Gives access to the Base Features, Products & Features and Operator Access.
Delete: Clicking on the icon will delete the unit set.