Users are consumers who interact with your enterprise's applications, databases or any other systems. These users can be persons, devices or applications/programs within or outside of the enterprise's network. Since these users interact with internal systems and access data, the need to define which user is allowed to do what is critical. This is called user management.
Follow the steps below to create users and assign them to roles via the admin console. Also, if you want to authenticate users via e-mail, social media, multiple user store attributes, see Maintaining Logins and Passwords.
Log in to the Management Console and click Add under Users and Roles in the Main menu.
Click Add New User.
The Add User page opens. Provide the username and password and click Next.
Tip: The Domain drop-down list contains all user stores configured in the system. By default, you only have the PRIMARY user store. To configure secondary user stores, see Configuring Secondary User Stores.
Select the roles you want to assign to the user. In this example, we assign the
creatorrole defined in the previous section.
By default, all WSO2 products have the following roles configured:
- Admin - Provides full access to all features and controls. By default, the admin user is assigned to both the Admin and the Everyone roles.
- Internal/Everyone - Every new user is assigned to this role by default. It does not include any permissions.
- Internal/System - This role is not visible in the Management Console.
More roles may be configured by default, depending on the type of features installed in your product.
Click Finish to complete. The new use appears in the Users list.
From here, you can change the user's password, assign different roles or delete it.
To add users using APIs, you can use the RemoteUserStoreManagerService (an admin service of the WSO2 Carbon platform).
- Set the <HideAdminServiceWSDLs> element to false in <APIM_HOME>/repository/conf/carbon.xml file and restart the server.
- If you have started the server in default configurations, use the following URL in your browser to see the WSDL of the admin service: https://localhost:9443/services/RemoteUserStoreManagerService?wsdl.
- Follow the instructions to add a user using RemoteUserStoreManagerService.