About user settings

The Users tab on the Settings page allows users assigned the Allow user administration policy option to self-service the management of individual users who have access to your tenant.

User settings.

User access to Amperity is managed in two steps:

  1. Authentication determines and validates who the user is.

  2. Authorization determines what that user is allowed to do.

An unauthorized user may not access Amperity; an authorized user may only view and interact with the areas within Amperity to which their policy allows access.

Add users

Before a user can log into Amperity they must be added and a policy must be assigned to them. The Amperity admin interface allows users to be managed directly using name and password authentication.

Can users be added when single sign-on (SSO) is enabled?

Yes. You may configure Amperity to allow access to individual users as long as the domain name in that user’s email address is different from the domain name used by your SSO provider.

To add a user

  1. Open the Settings page, and then select Users.

  2. Click Add User. This opens the Add User dialog box.

  3. Enter the user’s full name (e.g. “Justin Currie”) and the email address with which they will log into Amperity (e.g. “justin.currie@amperity.com”). Only users from a known domain are allowed to access Amperity.

  4. Select the policy to which this user will be assigned.

  5. Select a resource group to which this user will be assigned.

  6. Be sure to send the user a welcome to Amperity email. (This is enabled by default.)

  7. Click Save.

Delete users

All users who should no longer be allowed access to Amperity should be deleted. This will delete the user for all tenants to which that user is assigned. Use the revoke tenant access process to delete a user from a tenant when that user has access to more than one tenant.

To delete a user

  1. Open the Settings page, and then select Users.

  2. Under Users, from the list of users, select the ellipses menu, and then click Delete.

Edit users

If the details for a user change, such as changing the policy to which they are associated, their details may be updated.

To edit a user

  1. Open the Settings page, and then select Users.

  2. Under Users, from the list of users, select the ellipses menu, and then click Edit. The Edit User dialog box opens.

  3. Make your changes.

  4. Click Save.

Revoke tenant access

Amperity users may have access to more than one tenant in Amperity. For example when two brands are managed as separate tenants. If a user has access to more than one set of data, access to an individual tenant may be revoked, which will prevent the user from being able to access this tenant. Access to any other tenant to which that user is assigned remains unchanged.

To revoke tenant access

  1. Open the Settings page, and then select Users.

  2. Under Users, from the list of users, select the ellipses menu, and then click Revoke tenant access.

Allowed domains

Only users from an allowed domain may access Amperity. Amperity maintains a list of approved domains for all users. This acts as an additional step to verify that users who access your brand’s Amperity tenant are approved users. Users cannot be created using an unknown domain.

To allow a domain

  1. Open the Settings page, and then select Users.

  2. Under Users click Add User. The Add user dialog box opens.

  3. Under Allowed domains, click the Request domain link.

  4. Add the domain for which the request is being made, and then specify the reason why it should be allowed.

  5. Click Send.

Multi-factor authentication

Multi-factor authentication (MFA) is a security measure in which a user gains access to an application only after providing additional proof of identity.

Amperity enforces multi-factor authentication for all users who log in with a username and password to help ensure that only authorized users have access to your tenant.

Users must choose one of the following options to enroll in MFA:

  • A phone number for contact via SMS

  • A one-time password via authenticator app

  • A security key

Once initial enrollment in multi-factor authentication is completed, subsequent logins can also use email and recovery codes.

To reset MFA

  1. Click the kebab icon (  ) next to your tenant name.

  2. Select Reset MFA.

    Users are immediately logged out and prompted to re-enroll in MFA on their next Amperity login.

To reset another user’s multi-factor authentication

You can reset another user’s MFA if you are a Datagrid Administrator or you are assigned the “Allow user administration” policy option.

  1. Go to the Settings page and click the Users tab.

  2. Click the kebab icon (fa-kebab) under Actions next to the name of the user whose MFA you want to reset.

  3. Select Reset MFA.

    Users are not logged out, but are required to re-enroll in MFA on their next Amperity login or after the current authorization expires.