This documentation is for WSO2 API Manager 1.7.0 View documentation for the latest release.
Adding Users - API Manager 1.7.0 - WSO2 Documentation
||
Skip to end of metadata
Go to start of metadata

Users are consumers who interact with your organizational applications, databases or any other systems. These users can be a person, a device or another application/program within or outside of the organization's network. Since these users interact with internal systems and access data, the need to define which user is allowed to do what is critical. This is how the concept of user management developed. To enable users to log into the product's management console, you create user accounts and assign them roles, which are sets of permissions. You can add individual users or import users in bulk.

Follow the steps below to create users and assign them to roles that you created in section User Roles in the API Manager. Also see how to add an e-mail address as the username of a user.

  1. Log on to the Management Console and select Users and Roles from the Configure menu. 

  2. Click Users in the User Management window that opens.

    The Users link is only visible to users with administrator permission. It is used to add new user accounts and modify or delete existing accounts. The admin user has administrator privileges.

     

     

  3. Click Add New User.

     

  4. The  Add User  page opens. Provide the user name and password and click Next. The Domain drop-down list contains all user stores configured for this product instance. By default, you only have the PRIMARY user store. To configure other user stores, see  Configuring User Stores.

  5. Select the roles you want to assign to the user. In this example, we assign the user the creator role defined in section  User Roles in the API Manager.

  6. Click  Finish  to complete. The new use appears in the Users list.

From here, you can change the user's password, assign different roles or delete it. Since the apicreator user is assigned the creator role, it now has permission to create and manage APIs through the API Manager. Similarly, you can create users and assign them the publisher and subscriber roles.

You cannot change the user name of an existing user.

Using the e-mail as the username

When adding a user, if you provide an e-mail address as the username, modify the following files accordingly:

  • In <AM_HOME>/repository/conf/carbon.xml file, set <EnableEmailUserName>true</EnableEmailUserName>
  • In <AM_HOME>/repository/conf/api-manager.xml file, set

    <LoginConfig> 
             <UserIdLogin primary="true"> 
             <ClaimUri></ClaimUri> 
             </UserIdLogin> 
             <EmailLogin primary="false"> 
                 <ClaimUri>http://wso2.org/claims/emailaddress&lt;/ClaimUri> 
             </EmailLogin> 
    </LoginConfig> 
  • In <AM_HOME>/repository/conf/user-mgt.xml file, set

    <UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager"> 
     ... 
       <Property name="IsEmailUserName">true</Property> 
       <Property name="UsernameWithEmailJavaScriptRegEx">[a-zA-Z0-9@._-|//]{3,30}$</Property> 
     ... 
    </UserStoreManager> 

If there are multiple tenants set up in your environment, e-mail login does not work for any tenant including the super tenant. This facility is currently only available in single tenant mode (i.e., users of the carbon.super tenant only). However, this limitation does not apply to user provisioning based on a social network login.

  • No labels