Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

CONNECT data services

TABLE OF CONTENTS

CONNECT data services users

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedOct 25, 2024
  • 2 minute read

A user in CONNECT data services is an identity that has access to a tenant. Roles assigned to a user determine what permissions the user has on resources. See CONNECT data services roles for more information. Users log in to the CONNECT data services portal and are authenticated through CONNECT.

We recommend using groups to manage roles in CONNECT data services. Assigning roles on the individual user level is not recommended.

Note: Identity resources such as users and clients, are global across CONNECT data services. These resources are not scoped to a particular namespace, but globally scoped across namespaces in CONNECT data services.

Users log in to the CONNECT data services portal through a user account in CONNECT, and users authenticate to custom web applications when using hybrid clients and authorization code clients. Therefore, at least one user should already be added to a tenant when the portal is first accessed.

Some points to note about adding and managing users:

  1. Users are added and granted access to CONNECT data services in CONNECT.

  2. Make sure the user has been assigned the Data services Viewer role in CONNECT before sending the invitation to access CONNECT data services. See Add users in CONNECT. In CONNECT data services, you can map a user or group to a CONNECT data services role to control what actions they can take.

    Note: The CONNECT data services Tenant Member role grants read access to everything in the tenant. If a user should not have read access to some resources, the Tenant Member role can be limited.

  3. Any CONNECT user who is assigned to the Administrator role is automatically assigned the Tenant Administrator role in CONNECT data services.

  4. Additional CONNECT users can be granted access to an associated CONNECT data services tenant using one of the following methods:

    a. Search for the user in CONNECT data services and then add the user and assign roles.

    b. Add a CONNECT group to the CONNECT data services tenant, then add that group to CONNECT data services and assign the necessary CONNECT data services roles. Any user that belongs to the CONNECT group is automatically granted access to the CONNECT data services tenant with the associated set of CONNECT data services roles.

    Note: You must belong to the Tenant Administrator role to add and manage users in a tenant.

PI Server counterpart

A user is comparable to a mapping in Data Archive. For example, in Data Archive a mapping may be added from a Microsoft Windows account to a specified PI identity. The user enters their Windows credentials to authenticate against Data Archive and gets the permissions specified by the PI identity. CONNECT handles authentication for CONNECT data services, and users get their permissions from the roles that are assigned to them.

TitleResults for “How to create a CRG?”Also Available in