Identities
Every user that authenticated via The Identity Hub is represented by one Identity. A user can have multiple Identities in a single Tenant, if the user authenticates using different Account Providers (e.g. Office 365, Facebook...). A user can link all the Identities in a single Tenant into one Identity using Account Linking.
Accounts of a User
An Identity of a user can have one or more Accounts. When a user authenticates using different Account Providers the user can link all these in one (digital) Identity. That Identity will contain all the Accounts of the User.
To view the accounts of a user:
- Navigate to the Users Admin Page (https://www.theidentityhub.com/{tenant}/Admin/Identity/List) of your Tenant. If you don't have a Tenant yet, you can register one for free.
- Search for the user you want see the Accounts for.
- Click the user to go to the detail page.
- In the left navigation click Accounts.
Roles of a User
To view the roles of a user:
- Navigate to the Users Admin Page (https://www.theidentityhub.com/{tenant}/Admin/Identity/List) of your Tenant. If you don't have a Tenant yet, you can register one for free.
- Search for the user you want see the Roles for.
- Click the user to go to the detail page.
- In the left navigation click Roles.
For more information see Roles
View and search the list of Users
To view the list of users in a Tenant:
- Navigate to the Users Admin Page (https://www.theidentityhub.com/{tenant}/Admin/Identity/List) of your Tenant. If you don't have a Tenant yet, you can register one for free.
- No results are loaded by default, you need to provide a search query.
To search and filter the list of users in a Tenant:
- Navigate to the Users Admin Page (https://www.theidentityhub.com/{tenant}/Admin/Identity/List) of your Tenant. If you don't have a Tenant yet, you can register one for free.
- Configure the filter settings by clicking the filter icon
It is possible to indicate the user properties used to search : Email, Name, Account UPN or Identity Identifier.
Additionally one can indicate which information needs to be shown / filtered out: last login information, trusted users (on prem only), archived users. The applied filter is shown. - To filter on an Account Provider select an Account Provider from the dropdown list in the top bar. The list will be filtered to show only users having an Account for that Account Provider.
- To search the list of users, fill a search query (at least 7 character) in the Search users box and press enter or the search icon.
The information shown for each user includes:
- Profile info: picture (if available), Display name, Email and unique Identity Identifier
- Indications about type of accounts linked to the user: User with password in The Identity Hub, User with a trusted account, user with an account provided by an external IDP
- Indication if the user has an MFA secret
- Indication if the user is archived
- Last login info based on logon sessions (according to filter settings)
Note
In case logon sessions are purged only the information available will be shown.
Archive a User
A user can be archived. The archival of users can be used as a way to filter out inactive users from the list of users. An archived user can still authenticate. When doing so, his account is automatically reactivated and will no longer be archived.
- Navigate to the Users Admin Page (https://www.theidentityhub.com/{tenant}/Admin/Identity/List) of your Tenant. If you don't have a Tenant yet, you can register one for free.
- Search for the user you want to archive and open the details by selecting the user.
- In the top menu, click on Archive and confirm you want to archive the user.
Note
You cannot activate an archived user. Only an authentication by the user will reactivate the account. All other admin actions on a user (for example: blocking a user or resetting the MFA flow) remain possible.
Block a User
A user can (temporarily) be blocked. Blocked users can no longer authenticate.
- Navigate to the Users Admin Page (https://www.theidentityhub.com/{tenant}/Admin/Identity/List) of your Tenant. If you don't have a Tenant yet, you can register one for free.
- Search for the user you want to block and click the Disable button.
- Confirm that you want to block the user by clicking Ok
In case the administrator is part of an admin scope, this scope will be applied as quarantaine scope. Only administrators part of the same scope will be able to unblock the user again.
Delete a User
A user can be deleted.
- Navigate to the Users Admin Page (https://www.theidentityhub.com/{tenant}/Admin/Identity/List) of your Tenant. If you don't have a Tenant yet, you can register one for free.
- Search for the user you want to delete and click the user to go to the detail page.
- Click Delete in the top bar.
- Confirm that you want to delete the user by clicking Ok
Audit
When an administrator searches, views or updates Identity details this is audited.