Edit a User Account

Edit a user account.  

Permissions

Your user account or group membership must have the following permissions to edit a user account unless your user account has the Make this user a Super Admin setting selected:

  • Users: Edit User

  • Users: View Users

See the Users permissions or ask your Administrator for assistance.

Edit a User Account

Follow these steps to edit a user account:

  1. View all user accounts. The Users tab displays.

  2. Click the menu, and then select the Edit User option for the user account to edit.

User Information

Edit General Information

Follow these steps to edit the following information in the Information tab about the person associated with the user account as necessary:

  1. Locate the Profile section.

  2. In the General Information section, change the following information:

    • In the First Name setting, edit the person's first name. This is a required setting.

    • In the Last Name setting, edit the person's last name. This is a required setting.

    • In the Job Title setting, edit the person's organizational job title.

      Profile section of a user account

  3. In the Contact Information section, change the following information:

    • In the Email setting, edit the person's business email address. This is a required setting.

    • In the Phone setting, edit the person's business telephone number.

    • In the Fax setting, edit the person's business fax number.

    • In the Cell setting, edit the person's cell phone number.  

      Contact Information of a user account

  4. In the Address section, change the following information:

    • From the Country drop-down menu, select the country for the person's business address.

    • In the Address setting, edit the person's business address.

    • In the City setting, edit the city for the person's business address.

    • From the State or Region drop-down menu, select the state, region, or province for the person's business address.

    • In the Postal Code setting, edit the person's business postal code.

      Address section of a user account

  5. Click Save.

Edit User Settings

Follow these steps to edit the following information in the Information tab about the person associated with the user account as necessary:

  1. Locate the Settings section.

    Settings section of a user account

  2. From the Date Format drop-down menu, select the format for how dates are displayed for this person from the following options:

    • m/d/Y (12/31/2017)

    • m/d/Y h:i A (12/31/2017 11:30 pm)

    • m/d/Y H:i (12/31/2017 23:30)

    • d/m/Y (31/12/2017)

    • d/m/Y h:i A (31/12/2017 11:30 pm)

    • d/m/Y H:i (31/12/2017 23:30)

    • Y/m/d (2017/12/31)

    • Y/m/d H:i (2017/12/31 23:30)

    • d.m.Y H:i (31.12.2017 23:30)

    • Y-m-d H:i (2017-12-31 23:30)

  3. Optionally, from the Time Zone drop-down menu, change the default time zone from which this user uses ProcessMaker Platform. The default Time Zone setting value sets from the Administrator's Web browser. Change to this user's time zone if different than that of the Administrator's.

  4. From the Language drop-down menu, select in which language to display user interface labels in ProcessMaker Platform. Note that English-language is the default language and the only natural language provided without the Translations. You may also display the user interface labels and messages in German, Spanish, or French languages. Changing this profile setting only affects this user account.

    Optionally, select one of the following non-English languages:

    • German: Select the de option.

    • Spanish: Select the es option.

    • French: Select the fr option.

  5. From the Status drop-down menu, select the status of the user account from the following options:

    • Active: An Active user account is one in which a person can use it to log on to ProcessMaker Platform.

    • Inactive: An Inactive user account is one in which a person cannot use it to log on to ProcessMaker Platform.

    • Out of Office: An Out of Office user account is one in which that user's newly assigned Tasks automatically delegate to a specified user. Configure which user to delegate Tasks for this user from the Delegation setting below. Use this status for when this user is not generally available, such as when this user goes on leave. The Out of Office status becomes that user's status when viewing users in the organization.

    • Scheduled: A Scheduled user account is one in which that user is scheduled to be available to work on assigned Tasks. If a Task is assigned a user not available, then that Task can be automatically delegated to a specified user. Configure which user to delegate Tasks for this user from the Delegation setting below. The Scheduled status becomes that user's status when viewing users in the organization.

      Follow these steps to set when this user is scheduled to do Tasks:

      1. Select the Scheduled option. A table displays of the days of the week, beginning with Sunday. Beside each day of the week, hours from which this user is available and not available to do Tasks display. Days that appear with a gray-colored background are those that this user are scheduled to do Tasks.  

        The "Schedule" option in a user account to schedule when a user is available to work

      2. Configure each day of the week this user is scheduled to do Tasks:

        • Schedule the user to work that day: Select the day until it appears in a gray-colored background.

        • Do not schedule the user to work that day: Select the day until it appears in a white-colored background.

      3. Configure hours for each day using 24-hour format that this user is scheduled to do Tasks:

        1. Begin work hours: From the left-side hour for each day, select from which hour this user is scheduled to begin working on Tasks that day.

        2. End work hours: From the right-side hour for each day, select from which hour this user is no longer scheduled to work on Tasks that day.

  6. From the Delegation drop-down menu, select the user to delegate Tasks if this user is not available because of status or schedule.

  7. From the Manager drop-down menu, select the manager for this user. Tasks that this user are assigned can be configured to escalate to the manager specified from this setting. If no user is selected, Tasks are assigned by default to the Process Manager. As a best practice, Process designers should configure the Process Manager for each Process.

  8. Click Save.

Edit the User Avatar

Follow these steps to edit the following information in the Information tab about the person associated with the user account as necessary:

  1. Locate the Avatar section.

  2. Do one of the following:

    • Upload an avatar: If there is no avatar image, the initials for that person's full name display. Click the Upload Avatar button. The Browse button displays. Continue to step 4.

    • Change an avatar: Select the Change button to upload a new avatar image. Continue to step 4.

    • Remove the current avatar: Click the Clear button. The initials for that person's full name display. Continue to step 7.

  3. From the Upload Avatar screen, click the Browse button to locate the image to be your avatar.

  4. Locate and then select the image to be your avatar. The image fits into the Upload Avatar screen.

  5. Adjust the size of the image using the image size indicatorto fit well inside the circle where the avatar displays, and then click Save. The avatar displays in the Avatar section.

  6. Click Save to save the profile.

Edit the User Login Information

Usernames and passwords must adhere to the following protocol:

  • Aside from alphanumeric characters, ProcessMaker Platform allows only the following characters in usernames:

    • commercial at (@)

    • hyphen (-)

    • period (.)

    • plus (+)

    • underscore (_)

  • Passwords must be at least eight (8) characters long, must contain at least one uppercase letter and a number or symbol. Password special characters are recommended.

Notice to Administrators

Enhance security for your ProcessMaker Platform instance by following these best practices.

  • Require all users to periodically reset their passwords.

  • Enable the User must change password at next login toggle, for each user to require a password change at their next login.

Follow these steps to edit the following information in the Information tab about the person associated with the user account as necessary:

  1. Locate the Login Information section.

  2. In the Username setting, edit the username for the person's user account. Aside from alphanumeric characters, ProcessMaker Platform allows only the following characters in usernames:

    • commercial at (@)

    • hyphen (-)

    • period (.)

    • plus (+)

    • underscore (_)

    This is a required setting.

  3. In the New Password setting, edit the password to log on with the user account. Leave the New Password setting blank to keep the current password. Passwords must be at least eight (8) characters long, must contain at least one uppercase letter and a number or symbol. Password special characters are recommended. Password validation indicates how strong your password is and, at a minimum, it should meet the medium strength requirements described above.

  4. In the Confirm Password setting, confirm that the password matches that entered into the New Password setting if a new password was entered. If you entered a new password, password validation indicates if the New Password and Confirm Password values do not match.

  5. Enable the User must change password at next login toggle key to require this user to change the password prior to next logging on to ProcessMaker Platform. When this toggle key is enabled, the following screen displays at that user's next log on:

    After the user changes the password, the toggle key disables automatically.

  6. Enable the Allow to set a Password toggle key to allow the user to log on with username and password credentials, which enhances the security with SSO enabled. If this option is disabled, then as a best practice block the option to set or change the password.

  7. If the Two Factor Authentication is enabled, the Two Factor Authentication section will display all available authentication modes.  

    All modes are enabled by default, however, users can enable or disable the following options depending on the configured two-factor authentication methods:

    • By email

    • By phone number

    • Authenticator App

  8. Click Save.

Configure the Home Page Dashboard, Redirect URL, Menu and/or Home Analytics Dashboard

Configure a custom home  page, a menu, and/or home Analytics dashboard for a user when that user logs on to ProcessMaker Platform. A custom home page is either a dashboard that displays to the user or redirects that user to a specified URL. The redirected URL may be to an external site, such as to an organization's portal, or to a ProcessMaker Platform location such as a specified Collection or Saved Search to which that user has access.

The custom home page and menu are configured separately.

See the following home page configurations for the user account:

Select the Home Page Dashboard for the User

A dashboard displays important and relevant business management information (BMI) and key performance indicators (KPI) to specific business stakeholders when they need it. After the user logs on to ProcessMaker Platform, the dashboard displays instead of the default ProcessMaker Platform page.

The user does not experience the change until the next time that user logs on.

Follow these steps to select the dashboard for the user account's home page:

  1. Locate the Dynamic UI section.

  2. From the Home Page drop-down menu, select the My Dashboard option.

    The Dashboard setting displays.

  3. From the Dashboard drop-down menu, select the dashboard as the home page for the user account.

  4. Click Save.

Configure the Home Page to Redirect to a Destination for the User

Overview

Configure a custom home page for a user that redirects to a specified URL when that user next logs on. The redirected URL may be to an external site, such as to your organization's portal, or to a ProcessMaker Platform location such as a specified Collection or Saved Search to which that user has access.

See the following sections for information to redirect to a Collection or Saved Search since both require unique conditions to configure properly:

Redirect to an External Site

Specify a URL that redirects a user to an external site such as to your organization's portal:

  1. Locate the Dynamic UI section.

  2. From the Home Page drop-down menu, select the URL Redirect option. The Redirect Url setting displays.

  3. In the Redirect Url setting, enter the external site's URL to redirect to that location upon next log on.

  4. Click Save.

Redirect to a Collection

Specify a URL that redirects a user to a Collection when that user next logs on.

Ensure that the user has the following:

Otherwise, that user cannot access the Collection.

If a user cannot access a Collection, the following message displays instead of the Collection: Unauthorized.

Locate the Collection's URL prior to configuring this setting.

Follow these steps to configure the redirect URL to a Collection as the user account's home page:

  1. Locate the Dynamic UI section.

  2. From the Home Page drop-down menu, select the URL Redirect option. The Redirect Url setting displays.

  3. In the Redirect Url setting, enter the Collection's URL to redirect to that Collection upon next log on.

  4. Click Save.

Specify a URL that redirects a user to a Saved Search when that user next logs on.

Ensure that the user has been shared the Saved Search; otherwise, that user cannot access the Saved Search.

If a user cannot access a Saved Search, the following message displays instead of the Saved Search: Unauthorized.

Locate the Saved Search's URL prior to configuring this setting.

Follow these steps to configure the redirect URL to a Saved Search as the user account's home page:

  1. Locate the Dynamic UI section.

  2. From the Home Page drop-down menu, select the URL Redirect option. The Redirect Url setting displays.

  3. In the Redirect Url setting, enter the Saved Search's URL to redirect to that Saved Search upon next log on.

  4. Click Save.

Select the Menu for the User

A custom menu replaces the default top menu that displays in ProcessMaker Platform.

The user does not experience the change until the next time that user logs on.

Follow these steps to select the menu for the user account's home page:

  1. Locate the Dynamic UI section.

  2. From the Top Menu drop-down menu, select the custom menu for the user account to replace the default top menu.

  3. Click Save.

Edit User's Group Membership

Specify to which group(s) the user is a member. Permissions are additive for the user: any permission(s) assigned to the group that user is a member also apply to that user.

As a best practice, do not assign the same user to multiple groups that contain distinct sets of permissions. For example, do not assign a user to a group in which its members have Requests category permissions and to another group assigned with all permissions; otherwise, that user has all permissions.

Follow these steps to edit the following information in the Groups tab about which group(s) this user account is a member as necessary:

  1. Click the Groups tab. The Groups tab displays all groups created in your ProcessMaker Platform instance. If no groups have been created, the following message displays: No Data Available. See Create a Group.  

    The Groups tab displays the following information:

    • Name: The Name column displays the name of the group.

    • Description: The Description column displays the description of the group.

    • A toggle key represents whether the user is a member of that group.

    Groups tab from which to add which groups a user account is a member

  2. Follow these guidelines to select group memberships for the user:

    • Select the toggle key for each group to which you want the user to be a member. When the toggle key is enabled for a group, that user becomes a member of that group. When the toggle key is disabled for a group, that user is not a member of that group.

    • Enter in the Search setting the text to filter groups by their name.

  3. Click Save.

Edit User Permissions

Follow these steps to edit the following information in the Permissions tab about the person associated with the user account as necessary:

  1. Click the Permissions tab. The Permissions tab displays permissions assigned to that user account.  

    Permissions tab from which to set permissions for a user account

  2. In the Permissions tab, change which permissions from each permission category to assign that user account if necessary. Follow these guidelines to change permission assignments:

    • Super Admin: Assign the Make this user a Super Admin option to grant unrestricted access to the entire ProcessMaker Platform instance. For more detailed information, see Permission Descriptions for Users and Groups.

    • Select the Assign all permissions to this user checkbox to assign all permissions to the user account.

    • Click on a permission category to expand the view of individual permissions within that category. Click on an expanded permission category to collapse that category. If you don't intend to assign this user account with any group(s), then assign permissions to this user account. Note that if this user account is assigned to any group(s), the permissions set in the group(s) take apply to those assigned to the user account. See Permission Descriptions for Users and Groups.

  3. Click Save.

Manage API Tokens for the User

Use an API token with a user account to successfully make calls to ProcessMaker Platform's REST API from an external third-party application or a Script. For security purposes, the API token must not be expired for that API token to work.

A user must have a valid API token to successfully make calls to our RESTful API from an external third-party application.

Follow these steps to manage API tokens for a user account:

  1. Click the API Tokens tab.

  2. Manage the API tokens for the user account as necessary:

Generate an API Token

An API token is required to successfully make calls to our REST API from an external third-party application or a Script. For security purposes, the API token must not be expired for that API token to work. An API token is valid for one calendar year from its creation date.

To share the generated API token with the person to whom uses the user account requires copying the API token and the time that the API token generates. If you neglect to copy and share the generated API token at the time ProcessMaker Platform generates it, there is no opportunity to view and copy it again; you must generate another API token.

Follow these steps to generate an API token that allows that user account:

  1. Click the API Tokens tab.  

    The API Tokens tab displays the following information about each generated API token:

    • ID: The ID column displays the automatically-generated ID for the API token.

    • Created At: The Created At column displays the date the API token was generated.

    • Expires At: The Expires At column displays the date the API token expires.

  2. Click +Token. The New Token screen displays.

  3. Click the Copy Token to Clipboard button.

  4. Share the API token with the person to whom uses this user account. Ensure not to close the New Token screen until you do so.

  5. Click Close. The API token displays in the API Tokens tab. Make note of when the API token automatically expires.

  6. Click Save.

Delete an API Token

Delete an API token from a user account when that API token expires or to restrict that user from making calls to the ProcessMaker Platform RESTful API from an external third-party application or a Script.

Deleting a valid API token revokes the user holding the token from using an external third-party application from successfully making calls to the ProcessMaker Platform RESTful API. Deleting an API token cannot be undone.

Follow these steps to delete an API token:

  1. Click the API Tokens tab.

  2. Click the Delete iconfor the API token to delete. A message displays to confirm deletion of the API token. The API token is referenced by its ID value.  

  3. Click Confirm.

  4. Click Save.

View All Security Logs for a User

In the Security Logs tab within each user account, ProcessMaker Platform maintains a record of the datetime, and IP address for the following activities that user performs:

  • Log on: Each successful and unsuccessful log on attempt

  • Log off: Each log off from ProcessMaker Platform

  • User profile changes: Any changes to that user's profile, including:

    • profile information

    • group memberships

    • permissions

    • API tokens, including creation, update, and deletion

  • Collections: Reading, creating, updating, and deleting any Collection or Collection record

  • Settings: Changing settings, including:

    • Create or revise any email server or changes in their configuration options (including IMAP)

    • Enable new SSO options or change configuration options

    • Enable or change configuration options to other systems, such as DocuSign and IDP

    • Enable LDAP or SCIM or change their configuration options

    • Enable or disable User Signals

    • Update User Extended Properties or change their designated time zone

  • Customize UI: Changes within the Customize UI menu (inputs to change setting values, including deletions)

  • System messages: System alerts and errors (including within Requests)

  • Other user activities: Other user activities in the platform, including:

    • Create, update, publish, archive, or unarchive a Process

    • Create, update, or delete any Designer asset, including Process Templates, Screens, Scripts, Environment Variable, Data Connector, PM Blocks, Decision Tables, or Vocabularies

    • Create, update, or delete any non-Designer assets, including Saved Searches, Saved Search Charts, auth client, Script Executors, Dynamic UI dashboards or menus, or Translations

    • Perform global or local search queries

    • Access, reassignments, retries, rollbacks, and completion of Tasks, including parent Request ID

    • Start, cancel, and complete Requests

    • Access Queue Management/Laravel Horizon by section name

    • Create a user or group

See Security Log Events for a description of each user activity event.

In addition to the other user permissions required to edit a user account, the Security Logs permission is required to view security logs.

Follow these steps to view all activities in ProcessMaker Platform for a user:

  1. Click on the Security Logs tab. That user's activity displays in a tabular format.  

"Security Logs" tab displays the user activity events for a user

Each log entry contains the following information about that log event:

  • Event: The Event column displays the nature of the event.

  • IP Address: The IP Address column displays the IP address from which the event occurred.

  • Browser: The Browser column displays the name of the Web browser from which the event occurred.

  • Operating System: The Operating System column displays the name of the operating system from which the event occurred.

  • Occurred At: The Occurred At column displays the datetime at which the event occurred.

View Information About a Security Log for a User

Follow these steps to view information about a user's security log:

  1. Click on the Security Logs tab.

  2. Click on the icon to view more information about a user activity event.

Login and Logout events do not contain additional information, so the icon for their events are disabled.

Download the Security Logs for a User

Download a user's activity logs in CSV or XML formats.

In addition to the other user permissions required to edit a user account, the Security Logs permission is required to view security logs.

Follow these steps to download a user's activity logs:

  1. Do one of the following:

    • Click the CSV button to download this user's activity logs in CSV format.

    • Click the XML button to download this user's activity logs in XML format.

    The security logs compile in the background. While doing so, the following message displays: The file is processing... Please wait for an alert with the download link..

  2. ProcessMaker Platform compiles the security logs from your your AWS S3 bucket in the background. You may continue working as necessary in ProcessMaker Platform. The following message displays from the currently displaying page when the security logs are ready to download: Click on the link and download the file. This link is available for 24 hours.

  3. Click the Download link.

Sort the Security Logs for a User

For readability and ease of use, user activity logs are sorted to display the latest event first. This order is customizable and logs can be sorted based on any of the displayed columns.

In addition to the other user permissions required to edit a user account, the Security Logs permission is required to view security logs.

Follow these steps to sort a user's activity logs:

  1. Click on the sort iconsfor a column to sort data in that column in ascending or descending order. See Control How Tabular Information Displays.

Search the Security Logs for a User

Use the Search function to filter the security logs based on a certain criteria. For example, use an IP address in the Search field to see log on or log off attempts from that IP address only.

In addition to the other user permissions required to edit a user account, the Security Logs permission is required to view security logs.

Follow these steps to search a user's security logs:

  1. Enter in the Search setting the text to filter security logs using any of the following criteria:

    • Event: Filter by the name of the event that displays in the Event column.

    • IP address: Filter by the IP address from which the event occurred that displays in the IP Address column.

    • Web browser: Filter by the Web browser from which the event occurred that displays in the Browser column.

    • Operating system: Filter by the operating system from which the event occurred that displays in the Operating System column.

    • Datetime: Filter by the datetime that the event occurred that displays in the Datetime column.

  2. Enter text into the Search setting, and then press Enter. Logs for that user display that match your entered text.

If there are no search results, the following message displays: No Results.