In this article, you'll learn about managing who has access to your organization's Kontakt.io Kio Cloud account and their permissions. Permissions are managed by the roles assigned to each user within each of the apps activated in your account. All user management functions are accessed within the Kio Cloud Users app and is restricted to those users assigned to the User Management Administrator role.
Topics include:
Those assigned to the User Management Administrator role have the following permissions.
-
Add users: A user is anyone that requires access to your organization's account.
-
Assign roles: Grants access and permissions for each app activated in your organization's account.
-
Reset passwords: During a password reset, a user receives an email to update their password.
-
Enable or disable users: Controls the user's sign-in access. Disabling a user effectively suspends their access without permanently removing their user profile.
-
Delete users: Permanently removes their user profile. All historical data associated to their user profile activity is retained.
Each user has a profile with their unique settings. A user can only update their password and view their API Key, they cannot view or edit their user profile settings or roles.
Each user profile includes:
-
First and Last Name: The user's full name as it appears within the Kio Apps.
-
Email address: When a user's sign in method is configured as Password, the email address required for sign in authentication along with their user-defined password. A user's email can only be associated with a single Kio Cloud account.
-
Unique Ext ID (optional):A secondary unique identifier. This ID is used by specific Kio Apps and is recommended to be provided. For example, this maybe be their unique employee ID within your HR management system.
-
Sign-in method: Identifies the sign in method for authentication and access.
Password: User is required to sign in with their email and password.
SSO_RA: User is required to sign in and authenticate with their SSO credentials; Kio Cloud is integrated with your organization's SSO identidy provider.
-
Roles by app: Roles define what a user can and cannot do within an app - their access and permissions.
-
Update Password: A user can update their password when their sign in method is set to Password. For a user with a SSO sign in method, their password is managed from the SSO identify provider.
-
API Key (Security menu): A user can view their unique API key. The API key is required for those integrating with our APIs and mobile SDKs.
Roles allow Administrators to control and manage user access and permissions within each of the apps. This role-based access control ensures that users only have permissions relevant to their responsibilities or use of apps.
-
Each role consists of a set of permissions. For example, an app Administrator role has full permissions to all features, while other roles have restricted permissions.
For more information, see Kio Cloud app roles and Kio Apps roles.
-
If a user is not assigned a role within an app, the app is not displayed on their Kontakt.io Launchpad.
-
A user can be assigned to one or multiple roles within a single app.
Kontakt.io offers a seamless and secure way your organization's staff to access the Kio Cloud platform by leveraging Single sign-on (SSO) technology. This means that staff can log in to Kio Cloud using your organization's SSO identity provider (IdP), which is a more secure method compared to using just a Kio Cloud username (email) and password.