Manage users

There are several types of users in Blue Prism depending on the authentication method configured for a user:

  • Native users
  • Active Directory users
  • Authentication Server users

Blue Prism users are managed from the System > Security - Users screen.

The options available on the screen depend on the authentication method configured for your Blue Prism environment, and the account type configured for a specific user. For more information, see Authentication in Blue Prism.

The Security - Users screen displays the existing users organized into their groups in a tree view from the Users root node. Selecting a group in the tree view shows the members of that group in a list (user list view), whereas selecting a user in the tree view shows the user details panel (user details view).

User management is carried out by right-clicking a group node or an individual user in the tree view, and also via the hamburger menu.

Users' roles and permissions in Blue Prism are managed from the Security - User Roles screen and the associated Role Membership dialog. User roles can also be assigned on the User Settings screen – except for Active Directory users whose roles are configured to be only managed in Active Directory. For more details, see Blue Prism roles and permissions.

User list view

Selecting the Users root node or a group node displays a list of users and summary information about each user record: their user name, password expiry date, the last time the user signed in, and the account type used.

The search field at the top allows administrators to search for specific users in the tree view.

User details view

Selecting a user displays read-only information about the user appropriate to the authentication type configured for that user.

For example, for a Blue Prism native user you would see the account type, user validity period, password expiry date, and the last time the user signed in.

For an Active Directory user, you would see information such as the user's User Principal Name (UPN)  and Distinguished Name, however you would not see password expiry details and the user validity end date as these are managed in Active Directory.

Right-click menu options

The right-click menu options available are determined by whether you right-click a group node or an individual user in the tree view. These options are dependent on the authentication method configured for your environment, and the account type configured for a specific user. Unless otherwise specified, an option applies to all account types available in Blue Prism. For more details, see Authentication in Blue Prism.

Group nodes

Right-clicking the root node or a group node displays the following options:

  • Create user – This allows administrators to add users and assign them roles and permissions in Blue Prism based on the account type configured for them.
  • Create group – Users can be organized into groups from the right-click menu for either the Users node in the tree view, or an existing group.
  • Rename group – This allows administrators to change the name of an existing group.
  • Delete group – This allows administrators to delete an existing group if it does not contain any users.
  • Expand all/Collapse all – This toggles the tree view between groups and users.
  • Show All Users –This toggles the tree and list view between all users and only active users.

Individual users

Right-clicking on a user displays the available options for that user, depending on the account type configured for them.

  • Create user – This allows administrators to add users and assign them roles and permissions in Blue Prism based on the authentication type configured for them.
  • Delete user – Administrators can delete users who no longer require access to the system. Deleted users do not show in the user list but can be made visible by right-clicking the Users root node and selecting Show All Users. Only users configured to use Blue Prism native authentication can be deleted.

  • Remove from group – This allows administrators to remove a user from a group.

Hamburger menu options

The available options when clicking the hamburger menu are determined by the authentication type configured for the environment and whether a user or group is selected in the tree view. Unless otherwise specified, an option applies to all authentication types available in Blue Prism. For more details, see Authentication in Blue Prism.

Group nodes

Selecting the root node or a group node in the tree view and clicking the hamburger menu displays the following options:

  • New – This allows administrators to add users and assign them roles and permissions in Blue Prism based on the authentication type configured for them.
  • Synchronize users with Active Directory – This manually refreshes the details of all Active Directory users in the user list based on updates in Active Directory. This option is only available for Active Directory users.
  • Synchronize users with Authentication Server – This manually synchronizes service account updates between the Blue Prism and Authentication Server databases outside of the RabbitMQ update schedule in the event of any service disruption. This option is only available if Authentication Server user login has been enabled in Blue Prism.
  • Refresh – This refreshes the Users tree view and detail panel following an update.

Individual users

Selecting an individual user in the tree view and clicking the hamburger menu displays the following options:

  • New – This allows administrators to add users and assign them roles and permissions in Blue Prism based on the authentication type configured for them.
  • Edit – Administrators can change users' details based on the authentication type configured for them. You can also double-click a user to edit their settings.
  • Delete – Administrators can delete users who no longer require access to the system. This option is only available for users configured to use Blue Prism native authentication . Deleted users do not show in the user list but can be made visible by right-clicking the users tree and selecting Show All Users.
  • Unlock – Administrators can unlock the accounts of users who have locked themselves out by entering the incorrect password too many times, as configured in the login options. This option is only available for users configured to use Blue Prism native authentication and only becomes active if the user account is locked.
  • Configure process alerts – Administrators can configure process alerts for a selected user. The logged-in user requires the Configure Process Alerts permission and the selected user requires the Subscribe to Process Alerts permission. For more details, see User permissions.
  • Refresh – This refreshes the Users tree view and detail panel following an update.