Intro
User management is key functionality of TDS portal. You can effectively manage permissions for servers, applications and SaaS in unified way through portal.
What do you want to do?
If you need just access to Jira/Confluence/GitLab ....
- Please ask your Team leads who are usually Admins of Portal workspaces, Jira projects, confluence spaces - they are responsible for user management
- This speed up the whole process, because TDS team has to ask owner who can access the service.
- If the workspace admin is not sure, what to do, please send him this manual
- If you are not sure who is admin, please raise a ticket in TDS Portal
If you are admin or owner of Jira/Confluence/ Gilab/ ...
Add permissions for user
Organization
Jira project
Confluence project
Gitlab repository
Artifactory repository
SeedDMS folder
Subversion project
Bitbucket repository
Add all workspace users
You can give all workspace members the default membership in SaaS. On SaaS Members page, click Add member button and choose Add all workspace members.
Application
Not all applications support permission management. It is enabled and managed upon request by TDS support team.
Specific permissions for each role vary between SaaS types as not every application contains logical counterpart to portal role.
| Role | Members | Permissions |
|---|---|---|
| Reader |
|
|
| User |
|
|
| Administrator |
|
|
Server
Server permissions give you ability to access and manage server. You need to add your public SSH key to portal.
| User | Admin | Owner | |
|---|---|---|---|
| Server access | |||
| Access server | |||
| Admin access to server | |||
| Server management | |||
| Manage server users | 1 | ||
| Change server state | |||
| Enable/disable backups | |||
| Change server capacity | |||
| Delete server | |||
1 As server Admin, you can't update and delete members with Owner role
Manage user
Signup
There are multiple ways to create new account in portal:
- Single sign-on (SSO) 1
- If your organization supports SSO, you can create account by clicking SSO button on portal login screen. You will be automatically authenticated in all TDS Services.
- Self-invitation 1
- Click Create new TDS account link and input your email. Depending on your organization settings your email might need to be registered in TDS Portal user source prior to account creation.
- Accept invitation 1
- If you receive invitation to join TDS portal, follow link in email and create account.
- Automatically by your organization
- You will receive welcome email from Portal. If your organization doesn't support SSO, you need to reset your password before first login.
1 Not available for all portals
Reset password
If you use SSO to login to portal, this will not change your SSO password. You will be able to login with this password only into TDS portal and applications.
There are two ways how to reset your password:
- On login screen, click Forgot your TDS password? Reset it here link. You will receive email with link to reset your password.
- On user profile, click Change password button. You will be prompted to input your old and new password.
Invite users
If you want to add users into your organization or workspace that are not yet part of the portal, you can invite the users from Members screen on both organization and workspace.
Click Add member button and choose Invite new member. You can input multiple emails of people you want to invite. Users found in user directories connected to portal will be added automatically, others will be invited to join the portal 1.
User invitations expire after 3 days. You can prolong the expiration date or delete the invitation on the Invitations screen in organization or workspace.
1 Not available for all portal
Add SSH key
SSH keys are used in portal to access servers. it's not possible to add server membership to users without SSH key.
How to generate key link.
Once you have your SHH key pair generated, go to your user profile and input public part of your key into Public SSH key field in Security management section.
Update user information
If you need to update your user information such as name or email, contact TDS support.
Other
User profile
You access your profile by clicking the icon in upper right corner and choosing Profile from dropdown menu.
User manual contains three section:
- Profile management: Here you can browse basic information about your account and export it in PDF or vCard format. You can also update SSH key, switch multi-factor authentication (MFA), reset your OTP token or password.
- SaaS: Here you can see what information are TDS applications storing regarding your account.
- Structure: Here you can see your role assignments across the whole TDS tool chain.
Manage all assets for user
You can access permissions management screen from any Members screen by clicking action menu next to your user row and choosing Show memberships.
You can manage all your SaaS, Servers and workspace roles from the screen. By clicking the hamburger menu next to search bar you can set roles in bulk for all workspace servers or all SaaS in application.
Manage service accounts
You can create service account in portal and add memberships to the account. This may come handy when doing automation.
Service accounts are being created in Service accounts section in workspace. Service account can become member of other workspaces but can be managed only by administrators of workspace it was created in. Service account is also automatically deleted when its management workspace is deleted unless it is being changed in advance.
Read more about service accounts in the article.
The recommendation for Tietoevry users
User management and granted access rights must comply with Security rule and Information Classification Rule. Carefully consider what information should be shared and with whom. Follow the rule “need to share”. Restrict access to authorized individuals for specific business purposes and choose the role carefully.
Recommendations and changes are warmly welcomed.