Manage Users in the Dashboard

The Invictus Dashboard allows you to access the application with multiple user accounts. These can be local users, managed by Invictus itself; or Active Directory users, managed by your Azure tenant.

recommended

We recommend using Active Directory users over local users for security reasons.

Active Directory

👤 Requires membership of a synced Active Directory group

The Invictus Dashboard can be configured to use existing users in Azure Active Directory groups. This removes the need to work with additional local Dashboard users.

Add an Active Directory user to the Dashboard

Azure Active Directory users can sign in automatically into the Invictus Dashboard if that user is part of an Active Directory group that is synced into the Dashboard.

☝️ Make sure that the group has a role assigned, otherwise the Dashboard will be unusable for the user.

Delete an Active Directory user from the Dashboard

👤 Requires group membership with System admin role to delete users

1. To delete a user click on the delete icon next to the user in the user list. Confirm your decision in the confirmation box.

   👀 Linked Active Directory users can be distinguished as they do not have a personal role assigned. The role is determined by the group the user is a member of.

Edit an Active Directory user's role in the Dashboard

Active Directory users don't have personalized roles that allow them to access certain flows in the Dashboard. The user role is determined by the Active Directory group(s) where the user is a member of. If the group(s) has access to the flow, so will the user.

Forgot Password

Before you can use the forgot password feature, you need to create an Azure Active Directory application registration and set it up with the Mail.Send API permissions. This is required because emails can only be sent through an OAuth 2.0 flow. Previously, emails were sent using an SMTP client with a username, password, and SMTP connection. However, Microsoft and Google no longer allow this and are deprecating this service.

Please note that the permission granted allows any email address within the organization to be used as the sender.

To set up the Azure Active Directory application registration with the Mail.Send API permission, please follow the instructions here.

Setup Email Address as the Sender

To set up the email address as the sender, follow these steps:

1. Log in with an administrator account or any user with the role of System Admin.
2. Navigate to the settings page by clicking the controls located at the top right next to the account name.
3. In the Forgot Password Settings section, enter the email address you want to use.
4. Click on Save password settings to save the email address being used.

Local

👤 Requires personal System admin role to manage local users

Local users are entirely managed by the Invictus Dashboard. They can have their own personal permissions assigned and can be deleted at anytime.

To manage local users, go to the top navigation bar and click on the Users button. This brings you to the page that displays an overview of all the users that has access to your Dashboard. There is the option to Add, Edit or Delete users.

Add a local user to the Dashboard

1. Click on the Add a new user button.

2. Specify all the user information and the user role.

Delete a local user from the Dashboard

1. To delete a user click on the delete icon next to the user in the user list. Confirm your decision in the confirmation box.

   👀 Local users can be distinguished as they have a personal role assigned.

Edit a local user's role in the Dashboard

1. To edit a user click on the pencil edit icon next to the user in the user list

2. You can change the role of the user and save the changes.

Forgot Password

Setting up Email Details

To configure the email settings, follow these steps:

1. Access Dashboard: Log in to the dashboard using a system admin account.

2. Navigate to Settings: Once logged in, navigate to the settings page. You'll find a form with the necessary details to complete.

   

3. Fill in Details:

   • Host: Enter the host address. For instance, if it's a Gmail email account, the host should be "smtp.gmail.com".

   • Port Number: The default port number is 587.

   • Email API Key and Password API Key: These keys are securely stored within the KeyVault service. Save the email address and password of the sending account within these secret keys.

   

   • SSL Enabled: It's recommended to enable SSL, as major email providers often require this setting. Ensure this option is checked.

4. Save Changes: Click the save button to store your settings.

Forgot Your Password - User Flow

To reset your password, follow these steps:

1. Click on Forgot Password? to initiate the password reset process.
2. The form will be displayed, and you need to enter the email address associated with your account.

3. After submitting the form, a confirmation message will be displayed, indicating that the reset password request has been sent to the provided email address.

4. Access your email inbox and look for the email containing the reset password instructions. The email will have a template like the one shown below.

5. In the email content, click on the here hyperlink. You will be redirected to the reset password form, where you can enter your new password.

6. Once you have successfully entered your new password, you can proceed to log in with the newly registered password.