Users can be viewed from a few places, depending on your role.
System administrators can create new users by doing the following:
Click the Create button in the toolbar above the grid. The Create User dialog is displayed.
If you plan on creating an application that restricts user visibility, be sure to create a username that is not personally identifiable, as usernames are still visible within the system even when a user's Contact Information and Display Name are restricted. See also: User Profile Visibility
System administrators can view and search through a complete list of users in the Users page of the Administration Console. The search is a "starts with" search that will search on first name, last name, username, and email address and an exact match search on UUID. The users grid can also be sorted by these four fields and filtered by the user's active/inactive status.
A specific user's information can be viewed or modified through the following steps:
All designers can view and search through a complete list of users from the Users view in Appian Designer. The search allows designers to search by full name, username, and email; it returns any results that contain the search criteria. The users grid can also be sorted by these three fields.
Designers who are system administrators can filter the grid by the user's active/inactive status, as well as view and modify a specific user's information by following the same steps above for the Administration Console.
Basic designers can modify their own user information and see a limited set of read-only details about the other users in the results.
NOTE: Users are not design objects and therefore will not appear as part of any application or objects list in Appian Designer, except in a group's members list and in the Users view.
The User record displays a limited set of read-only details for user. End users can view the user profiles of other users, although system administrators can prevent users from viewing each other's profiles by configuring User Profile Visibility.
End users can modify their own profiles from their User record, including name, email address, office phone, mobile, location, profile photo, cover photo, and blurb (system administrators cannot modify other users' blurbs). While system administrators can modify users' profiles, they cannot prevent end users from modifying their own profiles. To restrict what fields a user can edit on their own profile, go to the User Profile page of the Appian Administration Console.
System administrators can reset a user's password from the Administration Console. End users can, however, change their own password at any time from the Settings page in Tempo or a Site.
To change a user's password, complete the following:
Deactivating a user means the user account is still present in the system, but is not able to log in. Additionally, default and runtime object permissions for that user are revoked.
Running processes that were started by a user who was later deactivated will pause by exception. This will not happen immediately, but is guaranteed to happen no later than the next time the application server is restarted.
When designing applications, it's important to consider the lifecycle of the user separate to the lifecycle of the event. A user's departure does not mean the end of their responsibilities.
Process models or any node in a process model configured to run as their designer will fail to run if the designer user becomes deactivated. Also, when process models are imported from one environment to another, the user importing these applications becomes the process model designer. For these reasons, Appian recommends that applications be imported into test and production environments using a service account of type System Administrator that will not be deactivated.
If needed, applications can be force updated by an active user using an import customization file.
System administrators can deactivate users from the Administration console by doing the following:
NOTE: The Administrator user account cannot be deactivated.
When a user account is reactivated, its last login time is set to the current date and time to prevent the user from being immediately deactivated (if a policy is in place to do so for users who do not log into the system within a certain amount of time). See also: Appian Authentication
System administrators can reactivate users from the Administration Console by doing the following:
When a user account is locked according to a password policy (such as having too many failed login attempts within the designated time frame) a banner is displayed on the Update User dialog for that user.
System administrators can unlock users from the Administration Console by doing the following:
System administrators assign certain rights to a user by making the user a Basic User or a System Administrator.
To modify a user's type after creating the user, complete the following:
Other User Rights
All user actions are verified using access control lists prior to execution. Individual objects can be secured by granting rights to individual users or groups based on group membership and user role maps.
Best Practice: Rather than assign rights for various objects to each individual user, as a best-practice, create a custom group for each role within your organization. Assign rights in the system according to group and then add the users in that role to the associated group.
As Basic User accounts interact with Appian, they are frequently assigned additional roles. These roles are granted the necessary rights to perform various tasks, such as administering the objects they create. Basic users must be given the Designer Role in order to access Appian Designer.
A Basic User can select her preferred time zone, language, calendar settings in Tempo by doing the following:
Select the preferred settings and click Save Changes.
The System Administrator can override the preferred settings through the Administration Console.
All portal and email notifications issued by the application can be configured by Basic User and System Administrator accounts. The server administrator can configure email notification settings for the entire site, but each individual user can override these settings for their own account.
A Basic User account can select a component to display its associated alerts (the alert type). Selecting an alert type displays its associated alert rules, which can be edited.
See also: Notifications
The following user rights are available to viewers of the Tempo interface:
|Ability||System Administrator||Basic User|
|View public events (events that are not targeted to any specific user).||Yes||Yes|
|View events targeted to a group the user belongs to.||Yes||Yes|
|View posts added by users the user is following.||Yes||Yes|
|Search for posts added by users the user does not have viewer rights to.||Yes||No|
|Post to his or her followers.||Yes||Yes|
|Post a comment on any visible feed entry.||Yes||Yes|
|Send a message to everyone.||Yes||No|
|Send a message to a user he or she does not have viewer rights to.||Yes||No|
|Send a message to a Tempo Message Audience Group the user is a part of.||Yes||Yes|
|Create a task for a user the user does not have viewer rights to.||Yes||No|
|View tasks assigned to the user or sent by the user.||Yes||Yes|
|View tasks assigned to other users.||No||No|
|Give kudos to other users.||Yes||Yes|
|View kudos given to other users.||Yes||Yes|
|View an action without view rights to the associated process model.||Yes||Yes|
|Take an action that is in a viewable process model and application.||Yes||Yes|
|Take an action without view rights to the associated process model.||No||No|
|Open a case without view rights to the associated process model.||No||No|
|View his or her own profile.||Yes||Yes|
|View a profile of a user they do not have viewer rights to.||Yes||No|
NOTE: System Administrators have viewer rights to all users.
Users can be added to a group by navigating to the group in Appian Designer, and clicking Add Members in the toolbar or by configuring a membership rule. See Group Management for more details.