Managing users

Examine users and decide who needs access to which applications and asset groups. Consider grouping users by business unit or geography.

About this task

Only administrators have access to user management capabilities.

Authenticating users

About this task

AppScan 360° authenticates users by connecting ASCP to Active Directory using LDAP. Authentication method is configured during ASCP install using LDAP parameters and the EXTERNAL_IDP_MODE= parameter and an appropriate value.
Users can be added to AppScan 360° in one of three ways:
  • AutoOnboard: All Active Directory authenticated users are onboarded automatically when logging in to AppScan 360°. Users are assigned the default role and added to the default asset group. Roles and asset groups for automatically onboarded users can be changed manually.
  • ManualOnboard: Only users that have been explicitly invited to AppScan 360° by an administrator can log in.
  • GroupsAccess: Users who belong to a configured Active Directory group are onboarded AppScan 360° and can log in. Group users are assigned the default role and added to the default asset group. Roles and asset groups for users onboarded as part of groups can be changed manually.

    To use GroupsAccess, Active Directory groups must be specified during configuration with the LDAP_AUTHORIZED_GROUPS= parameter. The group name is taken from Active Directory.

You can configure AppScan 360° to onboard new users automatically, or to require them to be invited by an administrator through the user interface.
Note: If a user login fails, check Active Directory to verify that the user exists, is enabled, and that the password is valid.

Adding users manually

About this task

If AppScan 360° is configured for manually inviting users:

Procedure

  1. Select Access management > Users > Add users.
  2. In the Add users dialog, select Username or Email and add up to twenty users to invite.
  3. Select the users' role. For details, see Roles.
  4. Select an asset group, or leave the default asset group selection. Optional.
    An invitation email with a confirmation link is sent to the users you invited.

Changing a user's role

Procedure

  1. Click Access management > Users.
  2. In the row for the user, click The pencil icon.
    A drop-down list appears in the role for that user.
  3. Select the role from the list.
    Note: Changes to the role of a user who is currently logged in take effect only after the user logs out and log back in.