Configuring Users and Permissions

Users, passwords, and permissions can be edited within 1Integrate.

Access to the different sections of 1Integrate is controlled by a series of permissions. Changing these permissions is achieved by changing Roles.

Warning: By default, 1Integrate is deployed with example users and passwords included. This enables a quick set-up process, but for security reasons it is HIGHLY RECOMMENDED that you:

Change all passwords from the default to unique values.
Change the user names to ones relevant to your organisation.
Do not store user names and passwords in plain text and use an external identity management system instead.

For stronger security, manage users in an external identity management system by using one of the following supported authentication protocols:

This ensures that passwords and user names are not stored in the application server but managed by your IT department instead.

Permissions

Each user is assigned one or more Permissions. These permissions determine a user's privileges and the areas of the functionality to which they have access.

When configuring Permissions in the application server they will be interchangeably known as "Roles", but the two terms are interchangeable.

Permission	Description
`1int-datastores-read`	Grants the ability to read Data Store objects and folders at the endpoint.
`1int-datastores-write`	Grants the ability to write Data Store objects and folders at the endpoint..
`1int-rules-read`	Grants the ability to read Rule objects and folders at the endpoint..
`1int-rules-write`	Grants the ability to write Data Rule objects and folders at the endpoint..
`1int-actions-read`	Grants the ability to read Action objects and folders at the endpoint.
`1int-actions-write`	Grants the ability to write Action objects and folders at the endpoint.
`1int-actionmaps-read`	Grants the ability to read Action Map object and folders at the endpoint.
`1int-actionmaps-write`	Grants the ability to write Action Map objects and folders at the endpoint.
`1int-sessions-read`	Grants the ability to read Session objects and folders at the endpoint.
`1int-sessions-write`	Grants the ability to write and edit the Session objects and edit folders.
`1int-sessions-control`	Grants the ability to control a session with the "Play", "Pause", "Rewind" and "Stop" functions.
`1int-sessions-results`	Grants the ability to access all Session results, including both Task and Session results i.e. Validation errors.
`1int-grid-read`	Grants the ability to view the engine grid.
`1int-grid-write`	Grants the ability to edit the engine grid.
`1int-api-keys`	Grants the ability to manage the API Key functionality in the Administration section.
`1int-access-groups`	Grants the ability to manage and configure Access Groups.
`1int-repository`	Grants the ability to access the Repository Administration functions and to see the Environment and System Properties.

Group Permissions

There are two sets of group permissions available that can be used to quickly assign a common set of permissions to a user.

Group Permission	Description
`1int-user`	The User is designed to be applied to standard users, this role includes: `1int-datastores-read` `1int-datastores-write` `1int-rules-read` `1int-rules-write` `1int-actions-read` `1int-actions-write` `1int-actionmaps-read` `1int-actionmaps-write` `1int-sessions-read` `1int-sessions-write` `1int-sessions-control` `1int-sessions-results` `1int-grid-read`
`1int-admin`	The Admin to includes all permissions and is designed for those that will be performing administrative functions. Includes all the permissions of 1int-user with the addition of: `1int-grid-write` `1int-api-keys` `1int-access-groups` `1int-repository`

Group Permission

Description

1int-user

The User is designed to be applied to standard users, this role includes:

1int-datastores-read
1int-datastores-write
1int-rules-read
1int-rules-write
1int-actions-read
1int-actions-write
1int-actionmaps-read
1int-actionmaps-write
1int-sessions-read
1int-sessions-write
1int-sessions-control
1int-sessions-results
1int-grid-read

1int-admin

The Admin to includes all permissions and is designed for those that will be performing administrative functions.

Includes all the permissions of 1int-user with the addition of:

1int-grid-write
1int-api-keys
1int-access-groups
1int-repository

Default Users

The following users are created by default upon installation:

Username	Password	Assigned permissions
INTFull	integrate1	This default User has the 1int-admin Group Permission applied.
INTAdmin	integrate101	This default User has the 1int-admin Group Permission applied.
INTUser	integrate102	This default User has the 1int-user Group Permission applied.

Note: You will need to restart 1Integrate for any changes to user and permissions to take effect.

Custom Users

To configure Users and Permissions, navigate to the \[1integrate_Directory]\SETTINGS folder. This folder contains the following files:

users.properties contains a list of usernames and passwords, in the form username=password.

Note: All users listed in the previous table are included as default.

roles.properties contains a mapping from user names to 1Integrate permissions in the form username=permission1,permission2,permission3