Intro
User management is key functionality of TDS portal. You can effectively manage permissions for servers, applications and SaaS in unified way through portal.
What do you want to do?
If you need just access to Jira/Confluence/GitLab/ ....
- Please ask your Team leads who are usually Admins of Portal workspaces, Jira projects, confluence spaces - they are responsible for user management
- This speed up the whole process, because TDS team has to ask owner who can access the service.
- If the workspace admin is not sure, what to do, please send him this manual
- If you are not sure who is admin, please raise a ticket in TDS Portal
If you are admin or owner of Jira/Confluence/ Gilab/ ...
- If yo want to add user to SaaS service - the first the user account must be member of the workspace and TDS portal
- To add user to the Workspace
- In your Workspace click on Members (left side) → Add member
- If user haven't got account in TDS portal → Invite member
- If user have got account → Add member
- Check user workspace roles for the new member
- To add user to the SaaS
- choose you SaaS → Members → Add member
- Member must exists in your workspace
- Check user SaaS roles
Add permissions for user
Organization
Organization usually represents the whole company, organizational unit or department. Organization is usually split between multiple smaller teams with some being able to manage the whole organization.
Default role (assigned to every new organization member) can be configured.
1 As organization Admin, you can't update and delete members with Owner role
Workspace
Workspace contains people who share resources (servers, applications, Jira project...) to effectively collaborate together.
Default role (assigned to every new workspace member) can be configured.
List applications
1 As workspace Admin, you can't update and delete members with Owner role
SaaS
SaaS is standalone componentsuch as Jira project, git repository or Confluence space used by single workspace.Specific permissions for each role vary between SaaS types. Tables for each SaaS are collapsed below.
title | Show table |
---|
Manage components
Confluence project
title | Show table |
---|
Gitlab repository
title | Show table |
---|
Artifactory repository
title | Show table |
---|
SeedDMS folder
title | Show table |
---|
Subversion project
title | Show table |
---|
Bitbucket repository
title | Show table |
---|
Add all workspace users
You can give all workspace members the default membership in SaaS. On SaaS Members page, click Add member button and choose Add all workspace members.
Application
Not all applications support permission management. It is enabled and managed upon request by TDS support team.
Specific permissions for each role vary between SaaS types as not every application contains logical counterpart to portal role.
- All members of SaaS deployed on this application
- Login to application
- Some members of SaaS deployed on this application based on their permissions
- All Reader permissions
- Customer administrators
- All User permissions
- Manage application
- Manage SaaS deployed to this application
Server
Server permissions give you ability to access and manage server. You need to add your public SSH key to portal.
1 As server Admin, you can't update and delete members with Owner role
Manage user
Update user information
If you need to update your user information such as name or email, contact TDS support.
Other
User profile
You access your profile by clicking the icon in upper right corner and choosing Profile from dropdown menu.
User manual contains three section:
- Profile management: Here you can browse basic information about your account and export it in PDF or vCard format. You can also update SSH key, switch multi-factor authentication (MFA), reset your OTP token or password.
- SaaS: Here you can see what information are TDS applications storing regarding your account.
- Structure: Here you can see your role assignments across the whole TDS tool chain.
Manage all assets for user
You can access permissions management screen from any Members screen by clicking action menu next to your user row and choosing Show memberships.
You can manage all your SaaS, Servers and workspace roles from the screen. By clicking the hamburger menu next to search bar you can set roles in bulk for all workspace servers or all SaaS in application.
Manage service accounts
You can create service account in portal and add memberships to the account. This may come handy when doing automation.
Service accounts are being created in Service accounts section in workspace. Service account can become member of other workspaces but can be managed only by administrators of workspace it was created in. Service account is also automatically deleted when its management workspace is deleted unless it is being changed in advance.
Read more about service accounts in the article.
The recommendation for Tietoevry users
User management and granted access rights must comply with Security rule and Information Classification Rule. Carefully consider what information should be shared and with whom. Follow the rule “need to share”. Restrict access to authorized individuals for specific business purposes and choose the role carefully.
Recommendations and changes are warmly welcomed.