Managing Users

Ex Libris works with you during installation to set up your initial users - including at least one administrator - and user groups.

For more information about users and end-users, see Users.

For information about notification groups, see Working with the Notification Center.

Managing Users

You manage users on the Select a User to Change page (Users/Permissions > User). This page presents a list of users. For information about working with lists, see Working with Lists.

When adding a user, you must enter a unique username and a password.

Add User Page

Edit a user on the Change User page.

Change User Page

Configure the following for each user.

Change User Page Fields
Field	Description	Values
Username	A unique ID for the user.	30 alphanumeric characters or fewer. Must be unique.
Password	Select change password form to change the password. Change Password Page
Personal Info
First Name
Last Name
E-mail address
Authority
Organisation	The user's organization, if any. You can sort users by organization on the Select a User to Change the page. Organizations do not have any other impact on the UI. Organizations are configured together with Ex Libris during installation. The organization field on this page has no relation to the organization field available when configuring manually added end-user accounts (see Managing Manually Added End-User Accounts).
Permissions
Active	Whether the user is enabled. You may want to disable users rather than delete them.	Select to enable the user.
All permissions / User permission	The permissions the user has to perform actions in the App Manager. If you clear All permissions, you can select permissions one by one (see the on-screen text for instruction). For the list of permissions, see User Permissions. Alternately, enable permissions for the user by associating the user with one or more user groups (see below). The user is enabled with any permissions selected here OR within any user group associated to the user.	Select All permissions to enable the user to perform any action, subject to any restrictions (see below). Clear All permissions to select permissions manually in User permissions.
Restrictions
Restrict Profiles / All Profiles	The profiles that the user is permitted to manage. By default, a user can manage all profiles. For more information about profiles, see Managing Profiles.	Leave the checkbox cleared to enable the user to manage all profiles. Select the checkbox to enable the All Profiles field with a link indicating the profile or number of profiles selected. Select the link to select profiles from a list (select away from the list to save your changes).
Restrict Content Access / Content Access	The static content services that the user is permitted to manage in the content menu. By default, a user can manage all content. For more information about the content menu, see Working with Static Content and the Content Menu.	Leave the checkbox cleared to enable the user to manage all content. Select the checkbox to enable the Content Access field with a link indicating the number of content elements selected. Select the link to select content from a list (select away from the list to save your changes).
Restrict alert groups / Alert groups	The alert groups that the user is permitted to manage. By default, a user can manage all alert groups. For more information about alert groups, see Configuring Alert Groups.	Leave the checkbox cleared to enable the user to manage all alert groups. Select the checkbox to enable the Alert groups field where you can select alert groups one by one (see the on-screen text for instruction).

User Permissions

The following permissions can be granted to/removed from a user, either one by one (see Managing Users) or as a group (see Managing User Groups).

Android branding (change) - Not in use
Alert group (add, change, delete) - See Configuring Notification Groups.
Alert group category (add, change, delete) - See Configuring Notification Group Categories.
Alert group subscriptions (change) - See Managing End-Users in Notification Groups.
Android intro branding (change) - Not in use
App data (homepage) (change) - Not in use
App device icons (change) - See Configuring App Name and Icons.
Campus map (add, change, delete) - See Adding Maps.
Campus map (publish) - See Publishing the App.
Contact email addresses (change) - See Configuring Email Addresses to Receive Feedback.
Content item (manage about menu) - See Working with Static Content and the Content Menu.
Content item (manage iPad home) - See Working with Static Content and the Content Menu.
Content item (manage content templates in Creative Studio) - See Page Menu and Creating a Page from a Template.
Content item (manage) - See Working with Static Content and the Content Menu.
Content item (publish) - See Publishing the App.
Email settings (change) - See Configuring Email Sharing.
Email template (add, change, delete) - See Configuring App Emails.
Facebook settings (change) - See Configuring Facebook Sharing.
Feedback (view) - See Viewing Feedback.
Feedback (publish) - See Publishing the App.
General permissions (use App Builder) - See Creating Services and Configuring Services.
General permissions (view device report) - Not in use
General settings (access Analytics) - Enables access to Insight Analytics; see Viewing App Usage Statistics.
General permissions (view device report) - Not in use
General settings (change)- See Configuring App Basics.
Home page banner (add, change, delete) - See Configuring Default Banner Service Images.
Home page banner (publish) - See Publishing the App.
Home page feed (add, change, delete) - Not in use.
Home page header settings (change) - Not in use
iPad branding (change) - Not in use
iPhone / Android branding (change) - Not in use
Idea (view) - See Viewing Feedback.
Location category (add, change, delete) - See Adding Map Location Categories.
Location category (publish) - See Publishing the App.
Menu option (add, change, delete) - See Working with Static Content and the Content Menu.
Menu option (publish) - See Publishing the App.
Notifications (send group) - See Sending Notifications to End-Users.
Notifications (send individual) - See Sending Notifications to End-Users.
Organisation (view Reports) - Not in use
Person (view registered user) - Not in use
Person roles (change) - See Enabling/Disabling App Roles for End-Users.
Position (add, change, delete) - See Adding Map Locations.
Position action (add, change, delete) - See Adding Actions at Map Locations.
Problem (view) - See Viewing Feedback.
Problem app category (add, change, delete) - See Configuring Problem Feedback Categories.
Problem page category (add, change, delete) - See Configuring Problem Feedback Categories.
Profile data (homepage) (change) - Not in use
Resource (add, change, delete, publish) - Not in use.
Standard alert groups (change) - See Configuring Notification Groups.
Tile data (menu option) (change) - Not in use
Twitter settings (change) - See Configuring Twitter Sharing.
User (add, change, delete) - See Managing Users.
Web app branding (change) - Not in use

Managing End-Users

There is no single point for managing all end-users in the App Manager since the App Manager provides multiple types of authentication, including types where end-user accounts are managed by an external system.

Certain end-user management features are available, however, including:

Enabling/disabling app roles for end-users - You can enable or disable app roles for all registered end-users.
Also see Managing End-Users in Notification Groups.

Registered Users

View, search, and filter by date range for groups or specific app users to view the date and time they registered in the app. The interface also enables you to download a CSV file with the data for external use.

The App Manager Registered Users screen.

Null values appear for users whose Date Last Used was prior to September 2022

Force Login

Force a user or group of users to reauthenticate their credentials each time they log in to the app. You can apply this feature to all users, users with specific roles, or specific user email addresses.

When selecting Email Addresses, separate multiple email addresses with commas.

App Manager App Settings.png

Configuring End-User Authentication Types

Each profile group can use a different authentication method to authenticate end-users. Before assigning an authentication method to a profile group, you must first configure the methods. Ex Libris works to help you configure these methods during installation.

You configure authentication for a profile group by selecting it from the list in the Select profile registration authentication to change page (App Settings > App Settings > Profile Registration Authentication). When you select a profile group, the Change profile registration authentication page opens the group's authentication settings, as follows:

Sort order- The order in which this profile group appears in the drop-down list of profile groups presented to the end-user when they first open the app.
Authentication type- Select the authentication type:
- Standard Authentication- Enable end-users to register an account when they first use the app. The end-user is presented with the Terms of Service and a registration screen, where they enter a username and password. Complexity requirements for the password can be specified in the configuration of the settings of this type of authentication; see Configuring Password Requirements for Standard Authentication, below. Users registering with this method are assigned the default app role.
- Authentication against LDAP- Enable students to log in using their institution's credentials. When selected, you must also configure the Auth app server,LDAP service access, and LDAP auth endpoint, and configure a failure message (text only). Customer roles, configured by the institution together with Ex Libris, map the correct app roles to users who register using this method.
- Authentication against App Manager Directory- Enable only end-users for which you have manually added accounts in the App Manager (see Managing Manually Added End-User Accounts, below). When selected, you must also configure a failure message (text only) and select whether or not a password is required. All manually added users are assigned the default app role,DEPRECATED.
- No Authentication- Use for guest users, to provide authentication-free access to general campus services. Guest users are assigned the default app role.
- Anonymous with registration- Combines no authentication with standard authentication: end-users can register by entering their name and email address, they have authentication access. Users are assigned the default guest role.
- SSO Authentication- Single sign-on using the institution's authentication system (similar to LDAP). When selected, you must also configure the Auth app server,LDAP service access,LDAP auth endpoint,SSO Directory, and SSO Auth Endpoint, and configure a failure message (text only). Customer roles, configured by the institution together with Ex Libris, map the correct app roles to users who register using this method.
- Authentication against Address- Not in use.
Additional settings, as appropriate for the selected Authentication type. Contact Ex Libris customer support for help in configuring any additional required fields. Ex Libris helps you configure the initial values for these fields during installation.

Configuring Password Requirements for Standard Authentication

If the selected Authentication type of a profile group is Standard Authentication, you can specify requirements that must be met by the password the end-user chooses. If the password does not meet the specified requirements, the password is not registered and an error message is displayed to the end-user.

The dialog box in which the end-user creates login credentials by entering their name, email, and the password they want to use.

Dialog Box in which the End-User Defines Their Login Details

Error Message that Appears in the Dialog Box if the Password Entered by the User Does Not Meet the Requirements

Error Message Displayed when the Password Does Not Meet the Requirements

To configure password requirements for a profile group:

Select Enable password complexity. The fields in which you configure the requirements are added to the page.
Fill in the fields to define the requirements:
- Password length – The minimum number of characters that must be included in the password.
- Require uppercase and lowercase – Select this to require at least one uppercase letter and one lowercase letter in the password.
- Require special character – Select this to require at least one special character in the password.
- Require digits – Select this to require at least one numeral in the password.
Under Custom Password Guidelines, enter the text to display below the fields in the dialog box.
Select Save or Save and continue editing.

Managing Manually Added End-User Accounts

You can manually add end-users for profiles using the Authentication against App Manager Directory authentication type on the Select app directory record to change page (App Settings > App Directory > App Directory). This page presents the list of end-users that can register with the app using this authentication type. For information about working with lists, see Working with Lists. You can filter the list by searching the list or by selecting one of the filters on the right.

All manually added users are assigned the default app role.

For each user, enter or configure the following information:

Add App Directory Record Page

Profile - The profile to which to associate this end-user.
First name
Last name
Email address
Organisation - Enter an organization name, in free text. The organization is useful for auditing purposes and can be used also to filter end-users in the list on the Select app directory record to change page. It has no other functional effect in the app or the App Manager.
The organization field on this page has no relation to the organization field available when managing users (see Managing Users).
The next four fields are optional and are used for auditing purposes only.
Job title
Department
Address
Country
Opt-in - If enabled, the end-user is visible when searching a directory of end-users (a service provided by campusM during installation). If disabled, the end-user is not visible.

Enabling/Disabling App Roles for End-Users

You can enable or disable one or more app roles for a specific end-user on the Select user roles to change page (App Settings > User Management > User Roles). This page presents the list of end-users that have registered with the app. For information about working with lists, see Working with Lists.

Each record presents the list of app roles associated with the end-user. Select or clear a role to enable or disable it.