DocuPhase Forms latest - This documentation is for DocuPhase Forms v11.3. Not for you? Earlier documentation is available too.
Manage Users
A tenant admin uses the Manage Users page to add new users, delete users, edit the properties of existing users and download/upload a csv file containing user data. Click the Manage Users link to display the DocuPhase Forms user list. To the right of each user name are icons described below.
If you are logged in as the superuser admin you must first click the Manage Tenants link to display the list of tenants. Then click the button to manage users/roles for the desired tenant. Then click the Manage Users link.
If you are using the LDAP, Azure, or SAML Security Manager you will have limited Manage Users options via the DocuPhase Forms UI. For example, you may only see the Log in As icon and not the Edit icon. In this case, please manage user details via your IDP instead.
Add New User
Create new tenant users on the Manage Users page.
Click add new user icon at the top of the user list.
Complete the new user form.
User names can contain characters, numbers, dot (.), hyphen (-) and the underscore (_). User names can only be started with a character, number or underscore (_) as the first first character. Max length is 50 characters.
Change Password on Next Login is checked by default. DocuPhase Forms recommends keeping this checked for best security practices. Users will be prompted to enter a new password that meets strength requirements on their first login.
Assign roles to the user. NOTE: Assign the special role frevvo.Designer to any user who needs permission to create forms and workflows.
You can assign multiple roles to any user by clicking the "+" icon
Assign a reports to for any user who needs to route a form they fill in to their manager. For example a PTO request.
Submit the form
The Reports To field is a ComboBox. Begin typing the userid of the person this user reports to and a list of matching users displays. Select the Role and Enabled field values from the Dropdown choices.
Add Tenant Admin
You can add additional tenant admins by clicking the icon. This creates a new user with the special permission required to log in and manage the tenant. You cannot add this special tenant admin role to an existing user. This is the only way to grant this special tenant admin permission.
If you want to disable a tenant admin, edit that user by clicking the edit user icon and add the frevvo.ReadOnly role. You can also delete all tenant admins except the initial tenant admin. The initial tenant admin is created when you create the tenant. One common case is that you need to remove admin access to a person who initially had that permission via the initial tenant admin. To do this:
Create a new tenant admin
Edit the original tenant admin and add the role frevvo.ReadOnly
Edit Admin Users
There is also a shortcut to edit the initial tenant admin – click the ‘edit admin user’ icon above the alphabet list to go directly to the initial tenant admin's edit page. You can also distinguish the initial tenant admin from non-admins because the initial tenant admin cannot be deleted so it does not have the button. If you added additional tenant admins, the user list does not make it readily apparent that a user has that special admin access permission. Currently, the way to distinguish an admin is to click on each user's button and see if the user has the Manage Tenant functions.
CSV Upload of Users and Roles
frevvo customers that have a large number of users with assigned roles, may need to import these (userids/roles) into DocuPhase Forms. DocuPhase Forms provides the ability to perform a bulk import of user data.
Only tenant admins may import user data and associated roles. The upload/download users links are available for tenants using all security managers. This feature is useful when creating/migrating a tenant that uses the LDAP or SAML Security managers.
Download Users and Roles
Make sure you are logged in as the tenant admin. Click the Manage Users link.
Click the download users csv file icon.
This downloads a complete comma-separated file that includes the list of the users and their assigned roles in the current tenant. Roles that exist in the tenant but are not assigned to any users will not be included in the file. The fields are comma-separated. The following is an example:
The first row contains the column names. Descriptions of the field/column names in the file are listed in the table:
Field/Column Name | Description |
---|---|
userId | The unique user id used for login. Required |
tenant | The tenant identifier is optional. If not supplied, it defaults to the current tenant. Attempts to upload users for another tenant shows a validation error. |
firstName | User's first name. |
lastName | User's last name. |
User's email address. Required | |
enabled | Set to 'true' to enable the user |
reportsTo | The userId of the user that the user reports to, if any. |
roles | A list of the user's roles, separated by the '|' character. Roles are inserted as necessary. Spaces are not allowed in role names. Role names cannot contain more than 100 characters. |
taskNotification | The user's task notification preference. The options are "OFF" or "Email"; if left blank or if this column is not used, this will default to "Email". |
transaction | Either blank or 'DELETE'. If DELETE then the user will be removed. Otherwise, the user is updated if it exists or inserted as necessary. |
notifyIfNewUser | A value of 'true' will send an email to users prompting them to create a new password. A value of 'false' will not notify users. |
notifyIfNewUser determines when a password reset notification is sent to a user.
'true' will notify new users and any current user that does not have a password. The password reset link will expire in 24 hours.
'false' will not send a notification, even if the user is new or does not have a password. This allows tenant admins to set up and manage users in a test tenant, and notify them for access later.
To include a ',' (comma) in a field, escape it with a leading '\' character. To include a '|' (bar) in a role name, escape it with a leading '\' char.
To delete a user, enter DELETE into the transaction column of the file for that user. The user id and tenant fields are required for successful deletion. The message "Attempting to delete non-existing userId. It will be ignored." displays if the user id does not exist.
To delete all roles for a user, leave the roles column blank. See Updating Users and Roles using a CSV file for more information.
Although csv files can be opened in other programs, they are best viewed through some kind of spreadsheet program. Here is the file when it is opened with Excel:
Upload Users csv file
Downloading the user csv file will provide you with the format needed to import users and their associated roles into DocuPhase Forms. Once you have your csv file ready, follow these steps to upload it:
Make sure you are logged in as the tenant admin. Click the Manage Users link.
Click the upload users csv icon.
Browse to your users csv file and then click Validate and Load. User data is validated prior to successful import. You will see "Loading..." until the validation and loading process is completed.
The image shows the result of a validation that resulted in errors. User data cannot be uploaded until the errors are corrected. The table showing the validation data is scrollable vertically when loading a large csv file. Uploading an empty users file displays the message "Users file is empty".
Upon successful upload, you will see this message with the number of roles and users that were created: "Users Loaded successfully. 1 Added, 3 Updated, 0 Deleted, 1 Roles Added."
Updating Users and Roles using a CSV file
Once your csv file has been uploaded, it is very easy to update User and Role information. It is not necessary to reload your entire csv file every time you need to make changes. Simply create a csv file, with the proper format, that contains only the information that you want to change.
Existing users will be updated with the new information if you upload modified versions of your csv file.
For example, let's say you have 19 users in your tenant. You want to change the last name of an existing user, and add a new user (mary) who will have the new role of (Coordinator).
Create a csv file with the changes - change the last name of a user and add a new line for a new user (mary) with the role of Coordinator.
When you upload the modified file, you will see this message: "Users Loaded successfully. 1 Added, 1 Updated, 0 Deleted, 1 Roles Added". The existing user will be updated with the new last name, the role of Coordinator will be created and new user Pat will be added with that role.
notifyNewUser for mary is set to TRUE, so Mary will receive an email to create her password.
CSV Upload Considerations
The manual CSV upload has some considerations you should be aware of, especially if you need to upload a large number of users/roles.
The CSV upload can handle up to 1,000 rows in a given upload action. If you need to upload a large number of users, we recommend breaking them up into multiple CSVs of 1,000 users or fewer.
Return to the Manage Users page and click Upload Users again after each successful upload operation.
The "Reports To" column can only contain existing users. You should upload all of your users first, then re-upload the CSV(s) with the Reports To column filled.
If you have a large number of users, the users list may display a user count of -1. This is a known issue we plan to resolve in a future release.
Troubleshooting
Current Tenant Validation Error
If the csv file contains a name that is different from the current tenant, a validation error message displays. Upload the file again with the tenant field empty.
Spaces in Role Names
If there are spaces in the role names in your csv file, the message "role [the name of the role that contains the space for example: V P] - format not permitted (must start with a letter or _, max 16 chars from the set: a-zA-Z0-9_- ). Remove the spaces then upload the file again.
View User List
Click on a capital letter (A to Z) to display a list of users whose name begins with that letter. Click All to display all current users.
The available functions are:
Add a new user. (Top of page)
Add a new tenant admin user. (Top of page)
Each individual user has additional functions:
Display user's home page
Manage User
Upload a signature image file that will be applied to all forms/workflows this user signs in place of his or her first and last name. Refer to Signature Images and Electronic Signatures for more information.
Login as the user
Edit a user's profile including password, e-mail address, max upload attachment size, disable the user.
Delete user
Adding Superusers
The superuser admin, whose username is "admin" can add new superusers to the special d (default tenant). Note to log in as the superuser enter the username admin@d (admin is the username and @d specifies the special default tenant). New Users added to the default tenant automatically become new superusers. This allows you to name additional superusers and then if you want you can disable the built-in superuser. To disable the build-it superuser named "admin" click the button above the alphabet list. This brings you directly to the build-in superuser admin's edit page, or you can click the icon to the right of the admin name in the user list. Set the Enabled dropdown to false. This will prevent further logins by the built-in superuser named "admin". Note you cannot delete the built-in superuser named "admin". You can however delete any additional admin user you have created.
Signature Images
The tenant admin can add/manage signature images for DocuPhase Forms users that are applied to all forms/workflows this user signs in place of his or her first and last name. Signature images are supported in the Default Security Manager only at this time. Signature images can be a max size of 64kb.
To upload a signature image for a user:
Click the add signature icon. The Manage Signature for <userid> screen displays.
Browse to the location of the signature image file and select it.
Click the Upload/Delete button. A successful upload displays for the userid
To delete an existing signature file, check the Delete Signature checkbox then the Upload/Delete button.
Edit Users
Click the button next to any user in the users list to edit that user. You can perform functions such as adding/removing roles, resetting passwords, configuring the Max Attachment size per user, etc.
The default maximum size for attachments in the DocuPhase Forms Cloud is 25 MB or 26214400 bytes. On Premise customers can use the frevvo.attachment.maxsize property to configure the maximum size for attachments.
The Reports To field is a ComboBox. Begin typing the userid of the person this user reports to and a list of matching users displays.
Select the Role from the dropdown, and add additional roles by using the green + icon. Remove roles using the red - icon.
Disable a user by setting Enabled to false.
To save changes, click Submit. To cancel changes, click "Return to Manage Users" at the top of the page.
Maximum Size for Attachments
There are three places to set the maximum size of attachments in DocuPhase Forms.
The DocuPhase Forms server can be configured with a configuration property to specify the maximum size for attachments. The upper limit for attachments in the DocuPhase Forms Cloud is 25 MB. Uploading attachments greater than this value shows this error message:
The tenant admin can set the maximum file size per user by editing their profile. Add the value in bytes to the Max Attachment Size field on the Edit User screen.
The value in this field overrides the max size value configured on the server level, as long as it does not exceed that value. For example, if the Server was set for 20 MB and the user profile was configured for 15 MB, the user sees this error message when trying to upload a 30 MB attachment:Designers can specify the max file size per the Max Size property of individual Upload Controls. The image shows a 5 MB Max Size property specified for an Upload Control.
If a user uploads a file larger than 5 MB to this control, they will see this error
The value of the Max size property of individual Upload controls overrides the value per user which overrides the max size property on the server level. All values must be specified in bytes. If maximum file size is specified at the server level, the values in the user profile Max Attachment Size field and the Upload Control Max Size property cannot exceed the server max size.
Reset Passwords
The tenant admin can edit the profile for any tenant user and perform such functions as resetting passwords. To reset a password:
Login to the tenant admin's account.
Click Manage Users.
Click either the All link to display all tenant users or click the letter that corresponds to the first letter of their username.
Click the icon to edit a user's profile.
Set the password and re-enter password fields.
Check 'Change Password on Next Login' to require the user to change their password to meet password strength requirements on their next login.
Submit the form.
Users can also click "Forgot Password" on the login screen to reset their own password. Passwords for tenant admins and the superuser (admin@d) for On Premise installations can also be changed using this procedure. Remember, the user must have an email address configured in DocuPhase Forms for this method to work.
Logged in users can change their password using the Manage Personal Information link under My Account on the top right of the screen. Tenant and server admins can change their passwords by clicking on the icon from the Edit Admin Users screen.
Disable Users
The superuser or tenant admin can disable a user. Disabling a user prevents that user from logging into the form server. If the user has the role frevvo.Designer (aka. was a designer user) the users' forms will become inaccessible to other users. Even if the forms were public users will get the error "This resource belongs to a disabled user". To disable a designer user but keep the form accessible, change the user's role from frevvo.designer to frevvo.readonly and set the Enabled dropdown back to true. In this case, when the user tries to log in they will get the error "Login is currently disabled".
To disable a user click the icon to the right of the user's name in the user list. Set the Enabled dropdown to false. If this user is already logged into the form server they will be able to continue using the form server until they logout. At that point future logins will be blocked with the error "Your account is disabled".
Delete Users
You can delete users from the Manage Users page by clicking the Remove User icon beside their name, or you can delete users using the CSV Upload method by entering DELETE into the transaction column for the user(s). However, DocuPhase Forms recommends using caution with this process. Here are some best practices to keep in mind.
Before deleting a user, check that they do not have the frevvo.Designer role. You can check individually by editing the user from the Manage Users page. You can also use the CSV Download to see the roles for all users in a single document. You can also create a simple form with a business rule like this example to view all users with just the frevvo.Designer role in your tenant.
You should also search the Task List as the Tenant Admin for tasks assigned to that user. If there are any pending tasks, you may wish to reset, reassign or abort them. See the Searching the Task List documentation for details. Note that if you perform this step after deleting the user, you can still search by user but you must type in the userid exactly - the Locked by User search field will not recognize partial text and offer this user as an option.
After deleting a user, you will still be able to see submissions submitted by that user. Their user ID and name will appear in the submissions table, and their signatures are still visible on Submission Detail View. You can also search the submissions repository by that userid.
If you have workflow step(s) assigned to the user, you must edit the workflow step(s) and change the assignment to a valid user. The forms will not show an error in edit mode, but any future instances will cause an Invalid Task Assignment notice to be sent to the tenant/workflow admin. The tenant or workflow admin will need to reassign that task. Keep in mind that if you have dynamic step assignments in your workflows, you may need to check these to ensure this user can no longer be selected. For example, you may have a list of users are set as dropdown options, and the step assignment is set based on the value of the dropdown at run time. If the deleted user is selected from the dropdown and a step is assigned to them, you will receive an Invalid Task Assignment.
If the user has Access Control assignments on forms/workflows, those will still be visible. They are not valid, since the user no longer exists, but will not cause an error. You can remove such Access Control assignments at your convenience.
Keep in mind that there may be other places in forms/workflows that you referenced this specific user, such as business rules, email messages, etc. If you think this may be the case you will need to look at each form/workflow to remove or change that information.
Deleting a Designer User
Avoid deleting users with the frevvo.Designer role. If a designer user has resources such as forms, workflows, scripts, portals, etc. those will also be deleted, including submissions, when the user is deleted. If you must delete a designer user, you can download their resources and upload them to another designer user. In this case, you will not be able to move submissions. You will also need to update any published share links to those resources.
Manage Personal Information
Users can use the MY ACCOUNT > Manage personal information link to view and edit their personal information. Type in the fields and use the drop-down list to make changes, and then click Submit. For example, if users have their Task List open all day, they can change the value in the Task Notification Preference dropdown from Email to Off. This will stop Task Notification emails for all workflows.
Designers will also see a link to Manage Production Forms here so the designer can easily manage their account from this screen.
If you are using DocuPhase Forms portals, you can add a link to this screen to the portal menu.