Managing users
There are two main ways to manage user records in the system: "Internal user management" and "Integration with a directory service". See a brief explanation on each of these modes
Internal user management
Records are managed by the system, including access credentials. It is possible to configure the security level of passwords, such as minimum length, validity, and blocking rules. There are four ways of managing users internally:
- Internal record: Users can be manually registered in the system, with a login and password for authentication.
- Integration via web service: Authenticated web services allow adding or editing users through other services.
- Import via database: Data can be inserted directly into the system database, for subsequent user import.
- Import via XLS file: It is possible provide a spreadsheet with user data for manual or scheduled import.
For more details on these forms of management, refer to theIntegration Guide.
Integration with directory service via LDAP protocol
The system allows synchronizing users with a directory service such as Microsoft Active Directory or OpenLDAP. An external authentication server manages user credentials. Communication with the directory service may be established in two ways
- Direct communication: If the system server is in the same domain, or the service is accessible externally, synchronization can be done via the LDAP protocol.
- SoftExpert Identity application: Recommended for customers hosted on cloud servers, this application works as an intermediary, transferring user data to the system.
Use the flowchart made available to help you choose the best way to manage users.
⚠️ Attention:
- It is possible to have users synchronized with directory service combined with non-synchronized users. However, only non-synchronized ones can use the internal authentication mode.
- Direct synchronization with the directory service and the SoftExpert Identity application cannot be used together. You must choose one method only.