To add a new user you will need to provide basic account information and assign an appropriate role.
Adding a New User
Setting up a new user is easy, enter the following fields:
- Full Name - An identifying name for the associated user.
- Username - The username used to log into Sandfly; it cannot be modified once the account is created.
- Email (optional) - An email address for the associated user.
- User Type - Determines where the login for this account is managed; it cannot be modified once the account is created. See the User Types section below for the list of options.
- Roles - Determines the level of access that this account has on the Sandfly server. See the Roles section below for the list of options.
- Password - The initial password; it can be changed later by the associated user or an admin.
Once all of the necessary fields have been filled in, click on the Add User button to complete the process.
The list of options that can be selected for the User Types field:
- Local - The login process and the password for the account are managed by the Sandfly server.
- SSO - The login process for the account is managed by the Single Sign-On (SSO) service that is defined in the Server Configuration section.
The list of options that can be selected for the Roles field:
- admin - Provides unrestricted access to the Sandfly server.
- user - Provides access to everything except for the following sections:
- Audit Logs - Clear Audit Log button only
- Manage Users
- Server Configuration
- api_result_read* - Provides read / GET access to most non-server configuration API calls.
- api_scan* - Provides API-only access to initiate scans.
* - API only accounts do not provide access to the web interface.
Refer to the API Endpoint Role Security Matrix for a detailed list of permissions.