diff --git a/docs/documentation/server_admin/images/effective-role-mappings.png b/docs/documentation/server_admin/images/effective-role-mappings.png index b3e5d78a4c..67c1a0bca5 100644 Binary files a/docs/documentation/server_admin/images/effective-role-mappings.png and b/docs/documentation/server_admin/images/effective-role-mappings.png differ diff --git a/docs/documentation/server_admin/images/fine-grain-add-view-leads.png b/docs/documentation/server_admin/images/fine-grain-add-view-leads.png index 5bca8c7df7..2f5c9e99b4 100644 Binary files a/docs/documentation/server_admin/images/fine-grain-add-view-leads.png and b/docs/documentation/server_admin/images/fine-grain-add-view-leads.png differ diff --git a/docs/documentation/server_admin/images/fine-grain-add-view-users.png b/docs/documentation/server_admin/images/fine-grain-add-view-users.png index 2533f1c9a6..b763ecd096 100644 Binary files a/docs/documentation/server_admin/images/fine-grain-add-view-users.png and b/docs/documentation/server_admin/images/fine-grain-add-view-users.png differ diff --git a/docs/documentation/server_admin/images/fine-grain-assign-query-clients.png b/docs/documentation/server_admin/images/fine-grain-assign-query-clients.png index 6b94e228c1..c64fa53497 100644 Binary files a/docs/documentation/server_admin/images/fine-grain-assign-query-clients.png and b/docs/documentation/server_admin/images/fine-grain-assign-query-clients.png differ diff --git a/docs/documentation/server_admin/images/user-credentials.png b/docs/documentation/server_admin/images/user-credentials.png index b6fc344220..47acc07f82 100644 Binary files a/docs/documentation/server_admin/images/user-credentials.png and b/docs/documentation/server_admin/images/user-credentials.png differ diff --git a/docs/documentation/server_admin/images/user-impersonate-action.png b/docs/documentation/server_admin/images/user-impersonate-action.png new file mode 100644 index 0000000000..4b692e3a31 Binary files /dev/null and b/docs/documentation/server_admin/images/user-impersonate-action.png differ diff --git a/docs/documentation/server_admin/images/user-required-action.png b/docs/documentation/server_admin/images/user-required-action.png index ee3d6d5fd1..840be5b40d 100644 Binary files a/docs/documentation/server_admin/images/user-required-action.png and b/docs/documentation/server_admin/images/user-required-action.png differ diff --git a/docs/documentation/server_admin/images/user-role-mappings.png b/docs/documentation/server_admin/images/user-role-mappings.png index f1bb333478..2f7b6435e9 100644 Binary files a/docs/documentation/server_admin/images/user-role-mappings.png and b/docs/documentation/server_admin/images/user-role-mappings.png differ diff --git a/docs/documentation/server_admin/topics/admin-console-permissions/fine-grain.adoc b/docs/documentation/server_admin/topics/admin-console-permissions/fine-grain.adoc index 5e67a1e6de..9e11e60d71 100644 --- a/docs/documentation/server_admin/topics/admin-console-permissions/fine-grain.adoc +++ b/docs/documentation/server_admin/topics/admin-console-permissions/fine-grain.adoc @@ -173,7 +173,7 @@ users you'll see that each user detail page is read only, except for the `Role M Going to this tab you'll find that there are no `Available` roles for the admin to map to the user except when we browse the `sales-application` roles. -.Add viewleads +.Assign viewLeads image:images/fine-grain-add-view-leads.png[Fine grain add view leads] We've only specified that the `sales-admin` can map the `viewLeads` role. diff --git a/docs/documentation/server_admin/topics/assembly-managing-users.adoc b/docs/documentation/server_admin/topics/assembly-managing-users.adoc index f3e0d08e59..93aed18be9 100644 --- a/docs/documentation/server_admin/topics/assembly-managing-users.adoc +++ b/docs/documentation/server_admin/topics/assembly-managing-users.adoc @@ -5,12 +5,12 @@ From the Admin Console, you have a wide range of actions you can perform to manage users. include::users/proc-creating-user.adoc[leveloffset=+2] +include::users/user-profile.adoc[leveloffset=+2] include::users/ref-user-credentials.adoc[leveloffset=+2] include::users/proc-setting-password-user.adoc[leveloffset=+3] include::users/proc-creating-otp.adoc[leveloffset=+3] -include::users/proc-configuring-user-attributes.adoc[leveloffset=+2] include::users/con-user-registration.adoc[leveloffset=+2] include::users/proc-enabling-user-registration.adoc[leveloffset=3] include::users/proc-registering-new-user.adoc[leveloffset=3] @@ -31,6 +31,5 @@ include::users/proc-allow-user-to-delete-account.adoc[leveloffset=+2] include::users/con-user-impersonation.adoc[leveloffset=+2] include::users/proc-enabling-recaptcha.adoc[leveloffset=+2] -include::users/user-profile.adoc[leveloffset=+2] include::users/ref-personal-data-collected.adoc[leveloffset=+2] diff --git a/docs/documentation/server_admin/topics/authentication/conditions.adoc b/docs/documentation/server_admin/topics/authentication/conditions.adoc index f559c87449..7020a20771 100644 --- a/docs/documentation/server_admin/topics/authentication/conditions.adoc +++ b/docs/documentation/server_admin/topics/authentication/conditions.adoc @@ -26,7 +26,7 @@ The Execution requirements section includes an example of the OTP form. `Condition - User Attribute`:: This checks if the user has set up the required attribute: optionally, the check can also evaluate the group attributes. There is a possibility to negate output, which means the user should not have the attribute. -The xref:proc-configuring-user-attributes_{context}[User Attributes] section shows how to add a custom attribute. +The link:#user-profile[User Attributes] section shows how to add a custom attribute. You can provide these fields: Alias::: diff --git a/docs/documentation/server_admin/topics/users/con-user-impersonation.adoc b/docs/documentation/server_admin/topics/users/con-user-impersonation.adoc index 419dbe2fe8..29ea7a4c80 100644 --- a/docs/documentation/server_admin/topics/users/con-user-impersonation.adoc +++ b/docs/documentation/server_admin/topics/users/con-user-impersonation.adoc @@ -14,7 +14,7 @@ Any user with the `impersonation` role in the realm can impersonate a user. . Click a user to impersonate. . From the *Actions* list, select *Impersonate*. + -image:images/user-details.png[] +image:images/user-impersonate-action.png[] * If the administrator and the user are in the same realm, then the administrator will be logged out and automatically logged in as the user being impersonated. * If the administrator and user are in different realms, the administrator will remain logged in, and additionally will be logged in as the user in that user's realm. diff --git a/docs/documentation/server_admin/topics/users/proc-configuring-user-attributes.adoc b/docs/documentation/server_admin/topics/users/proc-configuring-user-attributes.adoc deleted file mode 100644 index 528c090ccd..0000000000 --- a/docs/documentation/server_admin/topics/users/proc-configuring-user-attributes.adoc +++ /dev/null @@ -1,27 +0,0 @@ -// Module included in the following assemblies: -// -// server_admin/topics/users.adoc - -[id="proc-configuring-user-attributes_{context}"] -= Configuring user attributes - -User attributes provide a customized experience for each user. You can create a personalized identity for each user in the console by configuring user attributes. - -.Users -image:images/user-attributes.png[] - -.Prerequisite -* You are in the realm where the user exists. - -.Procedure -. Click *Users* in the menu. -. Select a user to manage. -. Click the *Attributes* tab. -. Enter the attribute name in the *Key* field. -. Enter the attribute value in the *Value* field. -. Click *Save*. - - -NOTE: Some read-only attributes are not supposed to be updated by the administrators. This includes attributes that are read-only -by design like for example `LDAP_ID`, which is filled automatically by the LDAP provider. Some other attributes should be read-only for -typical user administrators due to security reasons. See the details in the xref:read_only_user_attributes[Mitigating security threats] chapter. diff --git a/docs/documentation/server_admin/topics/users/user-profile.adoc b/docs/documentation/server_admin/topics/users/user-profile.adoc index c2a766cb79..4fb6c7b3fd 100644 --- a/docs/documentation/server_admin/topics/users/user-profile.adoc +++ b/docs/documentation/server_admin/topics/users/user-profile.adoc @@ -1,5 +1,5 @@ [[user-profile]] -= Defining a user profile += Managing user attributes In {project_name} a user is associated with a set of attributes. These attributes are used to better describe and identify users within {project_name} as well as to pass over additional information about them to applications.