Journey Manager (JM) Previously known as Transact Manager (TM). | System Manager / DevOps | 19.05 This feature was updated in 19.05.
A user account is part of the Journey Manager security management system, which allows for fine-grained control based on user's functions, roles, groups, and access permissions. There are two types of the users - authenticated and anonymous (unauthenticated or public) - both user types can access forms. The diagram below illustrates various user types and what they can access in the Journey Platform.
Manager provides the easy-to-use mechanism to create, modify, and deactivate user accounts, as well as manage access permissions, user roles and groups. It also comes with the bulk import functionality to create multiple users, including user's details, roles, groups and access configurations, which significantly simplifies user provisioning task.
Before users can log in to a form space, which requires authentication, they must have valid user accounts. Manager allows an administrator to create a user and grants access to one or more form spaces. The user receives an email with login credentials, such as a username and password, to access forms hosted on the form space.
Manager allows authenticated users to login to a form pace using credentials by delegating authentication and authorization to the 3rd party system, such as Active Directory, LDAPLightweight Directory Access Protocol (LDAP) s an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol network. or SSOSingle sign-on (SSO) is a property of access control of multiple related, yet independent, software systems. With this property, a user logs in with a single ID and password to gain access to any of several related systems.. Manager can also maintain local users, such as contractors that are not in the organization's LDAP system.
The authenticated users can be:
Anonymous (unauthenticated or public) users can access forms if its form space is configured to allow anonymous access. An example of such a form space is the Web Plug-in form space. Members of the public click on a link from a company website which opens an unsecured form page in the portal. The available list of forms is manually maintained by the company on their website.
Using anonymous users has the following advantages:
An anonymous user can still use the forms, but with the following limitations:
Anonymous users must provide their email address. Optionally, a security question can be set to open saved forms and tasks.
You can grant standard roles to users to control their access to and define capabilities at their form spaces. Each form space has a set of roles that can be granted to a user. You can create a new role as needed.
A typical form user must only be granted access to a form space where forms are hosted. This allows self-registered users immediate access to forms. However, most users must be granted access to:
When working with user accounts, you should consider the environment that users are accessing, which can be production, development, or testing environment. Manager is designed to be customizable to accommodate enterprise’s security configurations and policies. The following users require access to a production environment:
The following users require access to a development and test environments:
Users can only log into a form space if their user accounts are assigned to that form space. It is not possible to assign a form space to a user account when the form space is only accessed anonymously.
The following users should have access to form spaces:
A standard user account contains the following information:
Manager enforces some extra security rules to ensure that users cannot access restricted content, such as organizations, groups, users, forms, transactions and collaboration jobs. | 19.05 This feature was introduced in 19.05.
Next, learn how to view user accounts.