User Management and Roles
Version 24.2.8980
Version 24.2.8980
User Management and Roles
The first time that you launch CData Sync, the application prompts you to create the first application user (with username and password credentials).
Note: The first user that you create defaults to the Admin role because this role has full control over the application.
Viewing Your User Accounts
You can view a list of all your user accounts (or, users) from the Users tab on the Settings page. The table on this page summarizes your users and enables you to manage those accounts from one access point.
The users are displayed in rows, with columns that provide details about each user. As shown above, you can specify the number of rows that you want to display on the page by selecting a number from the X records per page list at the bottom of the page.
Sync provides details about your user accounts in three columns:
-
NAME - Lists the user name and role.
-
STATUS - Lists the status of whether a user is active or inactive.
-
CREATED - Displays the date and time that a user was created.
If you click a user name, Sync opens the Edit User dialog box where you can make changes to the user settings.
You can organize your user list in ascending or descending order for the NAME, STATUS, and CREATED columns. To order the columns, simply click the up (▲) and down (▼) arrows next to the column by which you want to sort.
In addition, you can filter the table by role type and status. Sync also enables you to save filters that you define so that you can use them later. Unlike other pages, the Users page does not allow you to reset or save filter options. The only way you can clear a filter and return to the full Users table is to refresh the page from your browser bar.
Adding a User
To add a user:
-
Select Settings > Users to open the Users tab page.
-
Click Add User to open the Add User dialog box.
-
Enter a user name and password.
-
Select the role for the user:
-
(optional) Enter a federation Id only if you are using single sign-on.
-
Choose the options that you want:
-
API Access - Enables a user to access the API with an Auth token that is generated at the bottom of the dialog box when you select this option. For details, see CData Sync API Access.
-
Active - Specifies that the user is active.
-
-
Click Add User to create the user and close the dialog box. Once the dialog box closes, the new user appears in the Users table.
User Roles
Sync supports four types of users (roles):
-
Admin
-
Standard
-
Job Creator
-
Job Operator
The following sections describe each of these user roles and which actions each role can perform.
Admin Role
The Admin role provides full control over the application. An Admin user can create new jobs and connections, change application settings, and perform every other operation supported by the console. Only Admin users have permission to manage other users. Admin users can create, delete, and modify users. In addition, only admin users can view the Audit log, which records changes that are made within the application (by any user).
Standard Role
The Standard role allows users to create, edit, and delete jobs and connections, but it does not allow for changing application-wide settings like those that appear on the Settings tab.
Job Creator Role
The Job Creator role allows users to create, edit, and delete jobs and transformations, but it does not allow access to connections and does not allow for changing application-wide settings.
Job Operator Role
The Job Operator role is a Read-only role that enables users to start and stop jobs, view job history, and download job logs. However, these users cannot create new jobs, delete jobs, or change application settings.
User Roles Comparison
The following list shows which actions each user role can perform:
-
View connections, jobs, and transformations: All roles (Admin, Standard, Job Creator, Job Operator)
-
View application and job-execution logs: All roles (Admin, Standard, Job Creator, Job Operator)
-
Execute jobs and transformations: All roles (Admin, Standard, Job Creator, Job Operator)
-
Manage jobs and transformations: Admin, Standard, Job Creator
-
Manage connections: Admin, Standard
-
Install new connectors: Admin, Standard
-
Manage users: Admin
-
Change application settings: Admin
-
View Audit logs: Admin
User Management
From the Users table, you can edit user settings or delete a user by clicking the options menu (…) at the end of a user row.
Selecting Edit opens the Edit User dialog box, where you can change any of the current settings.
Selecting Delete permanently removes a user account.
User Creation on External Java Servlets
When Sync is deployed to an external servlet (that is, Sync is not using the embedded server that is included), additional Java Authentication and Authorization Service (JAAS) configuration is required to enable Sync to create users dynamically within the application. For more information about JAAS configuration for specific Java servlets, see Deploying CData Sync to External Servlets.
CData Sync API Access
Each user can be granted an Auth token that enables access to the Sync API. For more information about authenticating against the Sync API, see Sync API.
The specific actions that a user can perform via the Sync API mirrors the actions that the same user can perform via the UI. For example, a user that cannot delete connections via the UI cannot use the Sync API to delete connections. To perform any arbitrary action via the Sync API, use an Auth token from an Admin user when you invoke the API.
Password Resets
In the event that an administrator is locked out of Sync, the embedded web servers in each edition provide the ability to reset an administrator’s password to regain access to the application.
To reset the password in Sync, submit the following command:
java -jar sync.jar -ResetPassword -User <user> -Password <password> -AppDirectory <AppDirectory>
Note: As an option, you can set the password via the REST API, as explained in Modify a User.