Edit care user

The title bar shows whether a user is currently being created ('Create user') or whether an already created user is being edited ('Edit user : Last name, first name (user name)'). The editing screen only differs in the 'User name' field, which only appears when a new user is created.

The following actions can be carried out in the lower bar:

'+ Create additional user':

By clicking on this button, the changes made are applied and the previously created user is created. A new user is then created, for which the edit screen is opened again.
This button only appears when users are created. This button is not available when user editing is called up.

OK':

The changes made are applied.

'Cancel':

User editing is exited and the user administration is reloaded without saving the changes made.

'Title':

The user's title is selected in this field.
Possible values:

• Mrs.
• Mr.

'First name':

The user's first name is entered in this field.

'Surname':

The user's surname is entered in this field.

'E-mail*':

The user's e-mail address is entered in this field.

'Send login data':

By clicking on this button, you as the administrator can send the user's login data to their e-mail address. Depending on the configuration settings, this function can also be set to refer to a redirect URL (see developer area).
The button only appears for users of the user type maintenance user or public user.

'Send link to reset password':

By clicking on this button, you can send a password request link to the user's email address as an administrator.
The button only appears if a URL or file path is entered in the "Link to request new password" field in the system settings (user).

'User name*':

The user name used for logging into the system (logging in) is entered in this field. Special characters and umlauts are not permitted.
This field does not appear when editing a user who has already been created.

'Password*':

This field is used to enter the user's password, which is used for logging into the system (logging in). Entering special characters increases the password quality and is therefore recommended for security reasons.

'Password confirmation*':

The previously entered password must be entered again in this field for confirmation. The values from the Password field must match this one.

'Password quality':

This display provides information about the security of the password. The further the display is in the green area, the more secure the password is considered to be. Entering special characters increases the password quality and is therefore recommended for security reasons.

'Only allow login with the following IP addresses':

The IP addresses to which the login and session for the user is restricted can be entered in this field.
Outside of these addresses, it is then no longer possible to log in via this user.
Multiple IP addresses are separated by commas. You can define an IP address range by specifying the wildcard character (*).
Examples:

• 123.456.789.123
• 123.456.789.123,123.456.789.321
• 123.456.789.*
• 123.456.789.123,192.168.*

To support more extensive constellations (e.g. restricted IP ranges, etc.), it is better to query the corresponding IP addresses via the onBeforeLogin system event rather than via individual users.

'Two-factor authentication via e-mail TAN required':

If this parameter is activated, login for this user takes place via two-factor authentication.
Two-factor authentication increases access security to the system, as it is not possible to log in even if someone else has your password.
After entering the password, an e-mail is sent to the e-mail address stored for the user (exception see below). The e-mail contains a TAN which the user must enter in the field that then appears on the login screen in order to complete the login.

'Only apply to the following domains':

The domains for which two-factor authentication is to be used exclusively can be entered in this field.
Multiple domains are separated by commas.
Example: cms.domain.dd,stage.domain.dd

'Do not use with the following IP addresses':

The IP addresses that are excluded from two-factor authentication can be entered in this field. These can be IP addresses of the company network or home network, for example.
Multiple IP addresses are separated by a comma. You can define an IP address range by specifying the wildcard character (*).
Examples:

• 123.456.789.123
• 123.456.789.123,123.456.789.321
• 123.456.789.*
• 123.456.789.123,192.168.*

The field only appears if two-factor authentication is activated.

'Special e-mail for TAN notification':

In this field, the TAN notification can be sent to the e-mail address entered here as an alternative to the user's e-mail address. This can then be an e-mail address for an SMS gateway, for example.
The field only appears if two-factor authentication is activated.
If different e-mail addresses are to be used for TAN notification via a user (e.g. at the sales partner), you can use the following syntax (example entry):

• (mustermann|musterfrau)@domain.dd,info@domain.dd
  The entry can thus be separated by a comma using the full e-mail address, or as a shortened form (for several e-mail addresses of a mail domain).
  When logging in, the user name (e.g. admin) is then supplemented by the e-mail address after a colon (e.g. admin:info@domain.dd).
  For the shortened form, it is sufficient to enter a name in brackets (e.g. admin:mustermann).
• If only one additional e-mail address is to be taken into account for a user, at least two e-mail addresses must be specified so that the TAN e-mail can also be sent to the user e-mail address, e.g.:
  dummy@domain.dd,help@andereDomain.dd
  

'Password validity ends on':

In this field, you can optionally enter a date on which the user's password becomes invalid. Clicking in the field opens a calendar for entering the date, which can be used to select the desired date (e.g.: 31.05.2024). The date can be deleted via the calendar selection by clicking on the recycle bin symbol.
If a password has reached its validity, this can be checked using the corresponding functions. A login can be prevented in this way, for example, and redirected to a change password form.

'Validity interval in days':

In this field you can optionally enter the interval (in days) within which the password is valid.
If you enter e.g. 30 (for 30 days), a user can be prompted to change their password every 30 days.
If a password has reached its validity, this can be checked using the corresponding functions. A login can be prevented in this way, for example, and redirected to a change password form.

'User type*':

The user type can be selected in this field.
A maintenance user can be assigned the status of a normal "maintenance user" or an "administrator".
In contrast to a maintenance user, an administrator also has access to the administration (backend) and also has the option of assigning themselves all rights that are not assigned by default.
Possible values:

• Administrator
• Maintenance user

'May send data via SEND':

If this parameter is activated, the user may also use Weblication^® SEND forms to send encrypted messages.
A green lock is displayed for the user in the user administration overview if this option is activated.

'Has an encrypted mailbox':

If this parameter is activated, the user is authorized to use an encrypted mailbox and is listed for such a form in the selection box "User with encrypted mailbox as recipient" (see also Weblication^® SEND / Encrypted mailbox).
In the overview of users in the user administration, a green lock is displayed for the user if this option is activated.

'May use the AI interface':

If this parameter is activated, the user is authorized to use the AI interface.
The option is only displayed if the AI interface is licensed and the number of users who are enabled for AI via the license has not been reached.

'Language':

This field is used to select the user's language pack, i.e. which language is displayed in the interface and the Browse & Edit buttons.
Currently available language packs:

• German (de)
• English (en)
• French (fr)

'Description':

Descriptive text about the user can be entered in this text field.

'Forwarding after login':

In this field, you can use the selection arrow to select the file to which the user should be redirected after logging in. If nothing is entered, the user starts at the top level of the domain.
e.g.:
/en/index.php
Note: When maintained by a maintenance user (user maintains user module), the user starts in the current project when selected via the selection arrow .
The following can also be used manually in the user file:
/wUser/start/@pathFileselectorUserStart = /xyz

'Start path when opening the cloud':

In this field, the selection arrow can be used to select the directory whose content is to be displayed to the user after logging in via the cloud login. If nothing is entered, the user starts in their own cloud directory.

'Start despite start path in the cloud file manager':

If this parameter is activated, the user starts with the file manager (manage content) instead of the web view when logging into the cloud.
When logging in and forwarding to the cloud user directory (e.g. user "mustermann" and therefore directory /cloud/mustermann), the user always starts in the file manager view regardless of this setting. This is the case, for example, if no start path is specified when opening the cloud.

'Group membership':

In this area, you can specify which groups a user should be assigned to.
Clicking on the"Add group" button opens a new window, which can be used to select a group by clicking on it.
The group selection lists the groups available in the group management.
If the "Default" parameter is defined, the corresponding group is stored as the default group for the user.
Group assignments can be deleted from the user file again by clicking on the recycle bin icon .