Here is described how users can be managed within Servitly.
The following diagram reports all the involved phases, from user registration to its deletion.
Servitly provides specific functionalities for each phase, see the following paragraphs for more details.
User creation can be managed in two ways:
- Manual creation: an administrator creates a new user.
- Self-registration: the user performs self-registration from the login page.
In both cases, the user access password is always prompted by the user himself.
All the passwords configured by the users are validated and securely stored, for more details refer to the Security Overview article under the Passwords paragraph.
Manual Users Creation
Administration users belonging to an organization or to a partner can manage users by entering the editing pages of the business entities (Organization, Partner, Customer, Location), according to the user rights, it is available the Users tab that allows you to manage existing users and also create new ones.
Instead, administration users belonging to a customer (e.g. Homeowner, IT manager), can manage its account's users by entering the Account page from the top-right drop-down menu.
By clicking the Add user button, a new user creation process is started.
Optionally, the page may ask to provide other contact information (e.g. mobile number), but this information depends on how the Domain Model properties have been configured in the tenant.
Once the Save button is pressed, an email is sent to the address associated with the user being created.
Hello Edgar Busch,
Welcome to the Hubner Comfort365 service, a new account has been prepared for you.
Click on the link below to complete the registration:
By clicking on the email URL, the new user can complete its registration by configuring its private password.
The URL has a validity limited to 30 days.
In case the registered user has lost the registration email, or the registration URL has expired, the registration email can be resent.
Enter the user editing page, then select the Activity tab and finally click the button on the right of the Account creation email sending date field.
If enabled on the DPS, within the Login page the user can start the self-registration procedure, by clicking on the Create new account link the application will ask for an email address used to verify the user's identity before continuing the registration process.
Once the address has been provisioned, the following email with a temporary registration link (60 minutes duration) is sent to the user.
Hello Edgar Busch,
You recently requested to create a new Comfort365 account.
Click the link below to complete the account registration:
If you did not request an account creation, please ignore this email.
This request is only valid for the next 60 minutes.
By navigating the registration link, the user will access the account registration page, where it can provide all the required information:
- Company main information for business accounts.
- User main information.
- Access password.
When completed, a new Customer is created, and the provided email address is used to create the owner user who will be able to manage the customer account.
You can enable the Self Registration within the User Onboarding console page.
Access to the tenant requires the user to provide a set of valid credentials within the login form.
By default, the login page is protected by reCAPTCHA v3.
If the reCAPTCHA V3 score is poor or after 5 consecutive failed login attends, a challenge is prompted to the user in order to verify that it is not a robot.
Optionally, if the Two-Factor Authentication is enabled, the user after clicking the login button must also insert the generated OTP code.
In the alternative to using credentials (email and password), users can log in through an external identity provider by using the OpenId Connect plugin.
The password is presented as a one-line plain text editor control in which the text is obscured so that it cannot be read, usually by replacing each character with a symbol (* or •).
Once the account has been activated it could happen that the user forgot his access password, in this case, it is enough to click on the "Forgot password?" link from the login page.
Also, in this case, the application asks the user to provide the registration email to reset the password.
For security reasons, the page does not report any evidence that the e-mail entered does or does not belong to a registered user.
Once the address has been provisioned, the following email with a temporary reset link (60 minutes) is sent to the user.
Hello Edgar Busch,
You recently requested to reset the password of your Comfort365 account.
Click the link below to reset your password:
If you did not request a password reset, please ignore this email.
This password reset is only valid for the next 60 minutes.
By navigating the reset password link, the user will access a page allowing him to reset the password by providing a new one.
Once updated, the user can now log in with the new password.
This page allows the users to configure their personal preferences and information.
The General tab permits editing the user's personal information, localization preferences, and optionally perform a logout or delete the profile.
Within the Preferences section the user can change the preferred language used to translate labels, and according to it, also the format to be applied on date, time and numbers.
If needed, the timezone used to format date and time can be redefined.
The Security tab permits to manage the account security, including password reset and 2FA (Two-factor Authentication) configuration.
By pressing the Reset Password button, an email with the reset link is sent to the user. For more details about the Two-factor Authentication, refer to the Two-factor Authentication article. Into this tab you can have an overview of all devices you used to access the DPS application, and optionally, you can logout from them.
The Notifications tab permits configuring how the user must be notified in case of an alert is activated.
In addition to defining which event one wants to be notified for, the user can turn notification channels on or off.
To use the SMS notifications (if the SMS channel is enabled on the tenant) the user must specify a mobile phone number. Note that, SMS is a pay-per-use notification channel.
When a new user is created, the email channel is selected by default for the WARNING and CRITICAL alerts.
The Reports tab permits to configure the periodic reporting.
A user can be automatically suspended after several months of inactivity (no login, no page access).
User types having the NEVER_SUSPEND permission will not be subject to automatic suspension. Generally, this is applied to Technical users which may not access the application for a long time.
You can configure user suspension within the Account console page.
A suspended user can be manually reactivated by entering the user editing page and then the Activity tab.
Administration users belonging to a customer can access the Account page from the top-right drop-down menu.
This page allows modifying all the information concerning the parent customer, which can be the company or a private user.
Within the Users tab, it is possible to manage and create new users, here is the place where to create users for colleagues or other family members.
Instead, the Authorizations tab allows you to set the authorizations between the users and customer products.
In case the user what to delete the entire account, he can access the Settings tab and click the Delete account button.
The DPS notifies users with different emails according to the occurred event (e.g. Registration, Password Changed, Machine Failure). All these messages can be configured, and by using placeholder generate dynamic content for each user.
This is a test template.
For more details about messages configuration, refer to the Messages article.
Unsubscribe from notifications
If the mail includes the unsubscribeUrl placeholder, users can unsubscribe from notifications related to alerts, work-sessions, and periodic reports.
By clicking the link, the user is redirected to a confirmation page.
If confirmed, the notifications are turned off.
Unsubscription also takes effect in case the email address is used within a property of type CONTACTS or in a thing rule with a notification action configured.
User Permissions and Authorizations
When a user is created, it is automatically associated with a User Type which defines the set of permissions. Moreover, the objects a user can access depend on the user context in terms of the parent business unit (Organization, Partner, Customer, Location), for more details refer to Ecosystem structure.
Optionally, a customer user can be associated with user-to-thing authorizations giving access to a thing for a limited period and with specific permissions.