Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space DEV and version r0822

D toc

Use the Workspace Users page to add, suspend, or remove users from the workspace. You can also reset passwords and change roles.

D caption
Workspace Users Page


  • Click one of the tabs to display all users of the workspace or a filtered list based on user status.


  • Name: Display name for the user. Click the name of the user to review details about the user account. See Workspace User Details Page.

  • Email: Username (email address of users)
  • Status: Current status of the user. See "Status" below. 
  • Last login: Timestamp for the last time that the user logged in to the workspace


  • Search: Enter text to begin searching for specific usernames or email addresses.

Context menu actions:

For each user, you can perform the following actions in the context menu:

  • Configure storage: If per-user access is enabled for the workspace, you can configure the access credentials for individual users, either using key-secret combinations or IAM roles. For more information, see Configure Your Access to S3.

  • Edit: Modify user properties, including platform roles. See "Edit Users" below.

  • Reset password: Self-service password reset is enabled by default. If enabled, click this option to send an email to the user to reset his or her password.


    NOTE: Only platform administrators can reset a user's password. Workspace admins cannot.

  • Disable: When a workspace user is disabled, the user cannot access the workspace.
    • All of the user's flows and datasets are retained.
    • Resources such as connections and flows that are owned by the user become inaccessible to workspace users that have access.
    • To permit access again, select Enable.

Workspace Status

Users in the workspace can be set to one of the following statuses:

  • Enabled: User can log in and use the workspace normally.
  • Disabled: User account has been disabled by a workspace administrator. User cannot use the workspace.


    NOTE: A disabled user's flows and datasets are still stored within the workspace. However, the user cannot access them. Ownership of these objects has not been transferred. A workspace administrator has ownership privileges on the user's objects.

Edit Users

To modify a user account in the workspace, please complete the following steps.


NOTE: For security reasons, an administrator is not permitted to edit some settings in the administrator's own account.


  1. Locate the user in the list of users in the workspace.
  2. In the context menu on the right side of the user's listing, select Edit.
  3. In the Edit User dialog, modify the following properties as needed:

Name: The display name of the user.


NOTE: Only platform administrators can edit a user name. Workspace admins cannot.

Email: The email address is used as the login identifier. This value cannot be modified.

Roles: Select or remove the workspace roles to assign to the user. For more information, see Workspace Roles Page.

SSO Principal: If SSO is enabled, set this value to be the SSO principal value associated with this user.


NOTE: Required value for each user if SSO is enabled. See Configure SSO for AD-LDAP.

Hadoop Principal: If secure impersonation is enabled, set this value to be the Hadoop principal value associated with this user.


NOTE: The user principal value should not include the realm.


NOTE: Required value if secure impersonation is enabled. See Configure for Secure Impersonation.


NOTE: If Kerberos is enabled, verify that all user principals that use the platform are also members of the group of the keytab user.

Deployment management: When selected, this user is assigned the deployment role in the platform.In a Development environment, this role can be added to a user's account to enable access to the Deployment Manager.


NOTE: Deployment management user accounts are intended for managing production execution of flows. These users have a different and limited user interface in the

D s webapp
. There should be a limited number of these accounts.


NOTE: Only platform administrators can assign the Deployment management role. Workspace admins cannot.


Tip: A deployment user should be assigned flow_author role for the workspace. Lesser flow roles may prevent the deployment user from properly importing and managing flows. See Workspace Roles Page.

Platform admin: When selected, the user is granted admin privileges over the platform. These privileges include user administration, ability to modify platform settings, and permissions to use admin-only API endpoints.


NOTE: Avoid providing the Platform admin permission to a large number of users.

To save your changes, click Edit user.