A user account determines the actions each user can perform in Decipher IDP. These actions are determined by the roles and permissions a user is assigned.

User accounts can be assigned to:

  • Human operators of the system.
  • Automatic software clients (components), such as OCR, Capture, and Export.

From the Admin Panel, click Users to view the current user list.

The following options are available to manage user accounts:

  • Create – Click Add User and enter details for the user.
  • Edit – Click the edit icon to update a user's account details.
  • Delete – Click the delete icon for the required user to remove them from the database.

User account details

User accounts use the fields listed below – all fields are mandatory unless otherwise stated.


Enter a username containing three or more characters.


Enter a initial password containing four or more characters.

Confirm new password

Re-enter the user password, as entered above.


Enter the site at which the user is based (optional).

User Group

Select the groups from which the user will inherit their permissions. There are a number of built-in user groups that cover many of the required user types but you can edit these groups and create new ones to suit your requirements.

For more information about creating and editing groups, see User groups.

First name

Enter the first name of the user (optional).

Last name

Enter the first name of the user (optional).


Enter the email of the user (optional).

Copy settings from

If required, select the user account from which you want this user to inherit input and verify client settings.

Manage roles

A role is a step in the document processing process. If a user is assigned a role they are allowed to perform the corresponding operations, for example, the Report role gives a user access to the Reports section. Typically, roles are assigned to user groups, but you can further define them at the user level.

For detail on suggested access configurations for the users in your system, see User access models.

You can assign the following roles:

  • Input – Enables the user to create batches.

  • Ocr – Enables the user to perform optical character recognition (OCR).

  • Classify – Enables the user to perform classification.

  • ClassVerify – Grants access to the class verification page.

  • Capture – Enables the user to perform data capture.

  • Verify – Grants access to the data verification page.

  • Export – Enables the user to export batches.

  • Report – Grants access to the reports page.

  • Admin – Grants access to the Admin panel.

Manage permissions

Permissions can be used to fine tune a user’s access rights. Typically, permissions are assigned to user groups, but you can further define them at the user level.

You can assign the following permissions:

  • EditSettings – Enables the user to edit the input settings and configure document upload.

  • EditFieldTemplates – Enables the user to edit and create document form definitions (DFDs).

  • EditMappings – Enables the user to train DFD mapping pairs.

  • EditScannerSettings – Deprecated.

  • EditRegionTemplates – Enables the user to perform training of document capture.

  • EditLists – Deprecated.

  • EditExportSettings – Enables the user to edit the export settings of batch types.

  • SelectBatch – Enables the user to choose which batch is loaded (if not selected, the first available batch is loaded).

  • ReportBatches – Enables the user to access and generate volume reports.

  • ReportOperatorProductivity – Enables the user to access and generate user productivity reports.

  • ReportSystemProductivity – Enables the user to access and generate turn time reports.

  • ReportAuditReport – Deprecated.

  • ReportExceptionListings – Deprecated.

  • ResolveExceptions – Enables the user to load exception batches in data verification.

  • DeleteBatchContent – Enables the user to delete pages, documents, and batches in class and data verify.

For detail on suggested access configurations for the users in your system, see User access models.

Once the required user details have been added, click create or edit button to save the changes.

Default user accounts

Decipher IDP is pre-configured with the following default users:

  • Admin – This is the default administrator user account.

    The default password is admin but it is recommended you change this as soon as possible. If required, administrators can force users to change this password upon first login.

  • GeneralUser – This user has access to all parts of the system except the Admin panel.

The following default users were removed with the release of Decipher IDP 2.2, but may be present on systems which upgraded from earlier versions:

  • OcrUser – A system user, used by the automatic OCR clients (components). This user account is not usually used by human operators.
  • InputUser – This user can import documents for processing.
  • ReportUser – This user can only access the Reports section of the interface.
  • VerifyUser – This user can only access the Verify section.

These users are assigned to one or more groups that control the actions they can perform in Decipher IDP and they are typical roles you might want your Decipher IDP users to have. You can choose to use these default user accounts or create your own. The permissions for these user accounts can be edited if required but you cannot edit the roles for the account you are currently logged into.

Force password change

Administrators can force a user to change the default admin password upon first login by adding an attribute to the Web.config file:

  1. Navigate to the Web.config file. The default location is: C:\Program Files (x86)\Blue Prism\Decipher Web\Web.config.

  2. Open the file in a text editor.

  3. In the appSettings node, add a new row with the following detail:

    <add key="adminPasswordChangeRequired" value="true" />
  4. Save the changes to the Web.config file.

For more information, see Configuration file parameters.