User Management in rConfig V8 Core
User management in rConfig V8 Core controls who can sign in to the application. After reading this page you can create and edit local user accounts, approve users who sign in through SSO, and remove accounts you no longer need. You will also know where role-based access control sits, because per-user roles are a Pro, Enterprise, and Vector feature rather than a V8 Core capability.
When to use this
Section titled “When to use this”Go here when you are setting up accounts for your team, removing the default admin account on a fresh install, or approving a colleague who has just signed in through SSO for the first time. The Users page is also where you check who currently has access.
Prerequisites
Section titled “Prerequisites”- An administrator account in rConfig V8 Core.
- For SSO approvals, a working SSO connection. See SSO overview for setup.
How access works in V8 Core
Section titled “How access works in V8 Core”V8 Core has a single access level. Every authenticated user has the same access to the application and to managed devices. There are no per-user roles to assign, and no permission to grant or withhold on an individual account.
Local users and SSO users
Section titled “Local users and SSO users”V8 Core supports two ways for a user to sign in:
- Local users are created directly in rConfig with a username and password stored in the rConfig database. They are active as soon as you save them. Use these for small deployments and lab environments.
- SSO users sign in through a Single Sign-On provider (SAML or OAuth). Their account is created automatically on first successful sign-in, then waits for administrator approval before they can use the application.
Once signed in, both types of user have the same access.
The SSO approval workflow
Section titled “The SSO approval workflow”SSO accounts do not become active on their own. The workflow keeps account creation under administrator control:
- The user signs in successfully through SSO.
- rConfig creates the account in a pending state.
- The user cannot use rConfig until an administrator approves the account.
- The administrator reviews pending users and approves the legitimate ones.
- The approved user gains access.
Open the Users page
Section titled “Open the Users page”- Select Users from the main navigation menu.
- Review the list of accounts, showing username, email, and status.
- Use the search and filters to find a specific user.
- Use the row action icons to edit, approve, or delete an account.
Create a local user
Section titled “Create a local user”- On the Users page, click New User.
- Enter a Username. This is the login identifier (alphanumeric, no spaces).
- Enter a valid, unique Email address.
- Enter a strong Password, then re-enter it in Confirm Password.
- Optionally disable email notifications if this user should not receive system alerts.
- Click Save.
The new user can sign in immediately with the credentials you set.
Edit a user account
Section titled “Edit a user account”- On the Users page, find the user to change.
- Click the edit icon in the user row.
- Update any field except the username, which cannot be changed.
- To reset the password, enter a new one in both password fields.
- Toggle the notification preference if needed.
- Click Save.
Changes take effect immediately.
Approve an SSO user
Section titled “Approve an SSO user”- Open the Users page. Pending accounts show a pending status.
- Verify the account before approving:
- Confirm the email domain matches your organisation.
- Confirm the person should have rConfig access.
- Click the approve icon in the user row.
- The user is notified and can now sign in.
To reject a pending account, click the delete icon. A rejected user cannot sign in.
Disable email notifications
Section titled “Disable email notifications”- Edit the user account.
- Toggle Email Notifications off.
- Click Save.
With notifications off, the user no longer receives device connection failure alerts, scheduled task notifications, or system announcements by email. They can still see everything in the web interface.
Delete a user account
Section titled “Delete a user account”- On the Users page, find the user to remove.
- Click the delete icon in the user row.
- Confirm when prompted.
Where authentication events are logged
Section titled “Where authentication events are logged”Sign-in attempts, failures, and other authentication events are recorded in the Application Log, not on the Users page. Review it to spot repeated failed sign-ins, sign-ins outside normal hours, or access from accounts that should have been removed.
What’s next
Section titled “What’s next”- SSO overview sets up Single Sign-On so users can authenticate through your identity provider.
- Application Log shows authentication events and the wider audit trail.
- Security hardening covers account, credential, and platform hardening for V8 Core.